Application Fundamentals
Android applications are written in the Java programming language. The Android SDK tools compile the code—along with any data and resource files—into an Android package, an archive file with an .apksuffix. All the code in a single .apk file is considered to be one application and is the file that Android-powered devices use to install the application.
Android程序是用java语言来编写的,通过AndroidSDK的相关工具将编译的代码并连同数据以及资源文件打包成以apk为扩展名的存档文件,所有单独在apk文件中的代码都被称为一个应用程序并且使用它(代码)来安装应用程序。
Once installed on a device, each Android application lives in its own security sandbox:
1 The Android operating system is a multi-user Linux system in which each application is a different user.
2 By default, the system assigns each application a unique Linux user ID (the ID is used only by the system and is unknown to the application). The system sets permissions for all the files in an application so that only the user ID assigned to that application can access them.
3Each process has its own virtual machine (VM), so an application's code runs in isolation from other applications.
4 By default, every application runs in its own Linux process. Android starts the process when any of the application's components need to be executed, then shuts down the process when it's no longer needed or when the system must recover memory for other applications.
2 在默认情况下,系统分配给每一个应用程序一个唯一的linux user ID,(这个ID号是由操作系统使用的应用程序并不知情)。系统设置应用程序中所有的文件的权限只有应用程序被分配了相应的权限,那么才能够访问(linux用户权限管理)。、
3 每一个进程都是一个虚拟机实例,因此,应用程序之间运行在不同的空间中。
4 默认情况下,每一个应用程序都运行在它自己的linux进程里。当需要执行应用程序的任何组件时,Android就会开启相应的进程 。当组件不需要了或者系统为了其它应用程序必须覆盖内存的时候就关闭进程。
In this way, the Android system implements the principle of least privilege. That is, each application, by default, has access only to the components that it requires to do its work and no more. This creates a very secure environment in which an application cannot access parts of the system for which it is not given permission.
用这种方法,Android系统实现了 “最小特权原则”(最小特权原则,则是指"应限定网络中每个主体所必须的最小特权,确保可能的事故、错误、网络部件的篡改等原因造成的损失最小"。)就是说默认每一个应用程序只能够访问它需要的组件。这创造了非常安全的环境,应用程序不能够访问系统的没有授权的部分。
However, there are ways for an application to share data with other applications and for an application to access system services:
1 It's possible to arrange for two applications to share the same Linux user ID, in which case they are able to access each other's files. To conserve system resources, applications with the same user ID can also arrange to run in the same Linux process and share the same VM (the applications must also be signed with the same certificate).
2 An application can request permission to access device data such as the user's contacts, SMS messages, the mountable storage (SD card), camera, Bluetooth, and more. All application permissions must be granted by the user at install time.
然而,应用程序有很多种方式和其它应用程序分享数据、访问系统资源:
1 两个应用程序可以同时分享同一个user ID,在这种情况下,他们都能够进入对方的文件中。为了保存系统资源,拥有相同ID号的应用程序可以打包在一个linux进程中运行分享相同的虚拟机实例(多个应用程序应用必须被同一个证书签名过)。
2应用程序能够提出访问设备数据的请求,比如访问联系人,SMS信息,SD卡、照相机、蓝牙等等资源。所有应用程序只能在安装时获取权限。
2 The manifest file in which you declare components and required device features for your application.
3 Resources that are separate from the application code and allow your application to gracefully optimize its behavior for a variety of device configurations.
以上覆盖了基本的知识点但不包括在系统中应用程序是如何存在的问题。本文档的其它部分包括:
1 程序用到的核心框架组件
2 manifest文件
3 与应用代码分开的所有资源,这些资源允许你根据不同配置的硬件最大程度的优化应用的特性。
Android applications are written in the Java programming language. The Android SDK tools compile the code—along with any data and resource files—into an Android package, an archive file with an .apksuffix. All the code in a single .apk file is considered to be one application and is the file that Android-powered devices use to install the application.
Android程序是用java语言来编写的,通过AndroidSDK的相关工具将编译的代码并连同数据以及资源文件打包成以apk为扩展名的存档文件,所有单独在apk文件中的代码都被称为一个应用程序并且使用它(代码)来安装应用程序。
Once installed on a device, each Android application lives in its own security sandbox:
1 The Android operating system is a multi-user Linux system in which each application is a different user.
2 By default, the system assigns each application a unique Linux user ID (the ID is used only by the system and is unknown to the application). The system sets permissions for all the files in an application so that only the user ID assigned to that application can access them.
3Each process has its own virtual machine (VM), so an application's code runs in isolation from other applications.
4 By default, every application runs in its own Linux process. Android starts the process when any of the application's components need to be executed, then shuts down the process when it's no longer needed or when the system must recover memory for other applications.
应用程序安装到设备里面之后,它就永远存在与他自己的安全空间里面了:
1 Android操作系统是一个多用户的linux操作系统,其中的每一个应用程序就是一个用户。2 在默认情况下,系统分配给每一个应用程序一个唯一的linux user ID,(这个ID号是由操作系统使用的应用程序并不知情)。系统设置应用程序中所有的文件的权限只有应用程序被分配了相应的权限,那么才能够访问(linux用户权限管理)。、
3 每一个进程都是一个虚拟机实例,因此,应用程序之间运行在不同的空间中。
4 默认情况下,每一个应用程序都运行在它自己的linux进程里。当需要执行应用程序的任何组件时,Android就会开启相应的进程 。当组件不需要了或者系统为了其它应用程序必须覆盖内存的时候就关闭进程。
In this way, the Android system implements the principle of least privilege. That is, each application, by default, has access only to the components that it requires to do its work and no more. This creates a very secure environment in which an application cannot access parts of the system for which it is not given permission.
用这种方法,Android系统实现了 “最小特权原则”(最小特权原则,则是指"应限定网络中每个主体所必须的最小特权,确保可能的事故、错误、网络部件的篡改等原因造成的损失最小"。)就是说默认每一个应用程序只能够访问它需要的组件。这创造了非常安全的环境,应用程序不能够访问系统的没有授权的部分。
However, there are ways for an application to share data with other applications and for an application to access system services:
1 It's possible to arrange for two applications to share the same Linux user ID, in which case they are able to access each other's files. To conserve system resources, applications with the same user ID can also arrange to run in the same Linux process and share the same VM (the applications must also be signed with the same certificate).
2 An application can request permission to access device data such as the user's contacts, SMS messages, the mountable storage (SD card), camera, Bluetooth, and more. All application permissions must be granted by the user at install time.
然而,应用程序有很多种方式和其它应用程序分享数据、访问系统资源:
1 两个应用程序可以同时分享同一个user ID,在这种情况下,他们都能够进入对方的文件中。为了保存系统资源,拥有相同ID号的应用程序可以打包在一个linux进程中运行分享相同的虚拟机实例(多个应用程序应用必须被同一个证书签名过)。
2应用程序能够提出访问设备数据的请求,比如访问联系人,SMS信息,SD卡、照相机、蓝牙等等资源。所有应用程序只能在安装时获取权限。
That covers the basics regarding how an Android application exists within the system. The rest of this document introduces you to:
1 The core framework components that define your application.2 The manifest file in which you declare components and required device features for your application.
3 Resources that are separate from the application code and allow your application to gracefully optimize its behavior for a variety of device configurations.
以上覆盖了基本的知识点但不包括在系统中应用程序是如何存在的问题。本文档的其它部分包括:
1 程序用到的核心框架组件
2 manifest文件
3 与应用代码分开的所有资源,这些资源允许你根据不同配置的硬件最大程度的优化应用的特性。
5531
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
