Inspecting the AndroidManifest.xml file
The application manifest is probably the most important source of information for Android application security specialists. It contains all of the information regarding an application's permissions and which components form part of an application, and it gives us quite some details about how these components will be allowed to interact with the rest of the applications on your platform. I'm going to use this recipe as a good excuse to talk about the application manifest, how it's structured, and what each component in the sample manifest means.
Getting ready
Before you can get going, you will need to have the following software:
- WinZip for Windows
- The Java JDK
- A handy text editor; usually Vi/Vim does the trick, but Emacs, Notepad++, and Notepad are all cool; we don't need anything fancy here
- The Android SDK (no surprise here!)
You may also need to go get something called
apktool; it makes decoding the AndroidManifest.xml file really...
