Application Fundamentals(1)

Application Fundamentals

Android apps are written in the Java programming language.
安卓应用是用Java语言写的。

The Android SDK tools compile your code—along with any data and resource files—into an APK: an Android package, which is an archive file with an .apk suffix.
安卓开发工具编译你的源码，连同所有的数据和资源文件，打成一个安卓包，一个后缀为apk的档案文件。

One APK file contains all the contents of an Android app and is the file that Android-powered devices use to install the app.
一个apk文件包含了一个应用的所有内容，并且它也用于在安卓设备上安装这个应用

Once installed on a device, each Android app lives in its own security sandbox:
应用一旦安装到了设备上，每一个安卓应用存活在他们自己的安全沙箱中。

The Android operating system is a multi-user Linux system in which each app is a different user.
安卓系统是一个多用户的linux系统，每一个应用都是一个独立的用户。

By default, the system assigns each app a unique Linux user ID (the ID is used only by the system and is unknown to the app). The system sets permissions for all the files in an app so that only the user ID assigned to that app can access them.
默认的，系统给每一个应用分配一个唯一的linux用户id(这个id只对系统可见而应用是不可见的)。系统为每一个应用的所有文件都设置了权限，应用只能访问与他们用户id相匹配的文件。

Each process has its own virtual machine (VM), so an app’s code runs in isolation from other apps.
每一个进程有他们自己的虚拟机，每一个应用代码的运行都与其他应用隔离。

By default, every app runs in its own Linux process. Android starts the process when any of the app’s components need to be executed, then shuts down the process when it’s no longer needed or when the system must recover memory for other apps.
默认的，每一个应用运行在他们自己的linux进程中。当应用中的任何一个组件需要被执行，安卓就会启动他的进程，而当组件不再需要了或者系统必须从其他应用回收内存，进程就会被终止。

In this way, the Android system implements the principle of least privilege. That is, each app, by default, has access only to the components that it requires to do its work and no more. This creates a very secure environment in which an app cannot access parts of the system for which it is not given permission.
通过这种方式，安卓系统执行“最少权限原则”。也就是说，每一个应用默认只能访问他需要做的事情中涉及的组件。这样就创造了一个应用无法去执行系统未给予相应权限的操作的安全环境。

However, there are ways for an app to share data with other apps and for an app to access system services:
然而，对于应用来说还是有一些方法可以跟别的应用分享数据或者访问系统服务:

It’s possible to arrange for two apps to share the same Linux user ID, in which case they are able to access each other’s files. To conserve system resources, apps with the same user ID can also arrange to run in the same Linux process and share the same VM (the apps must also be signed with the same certificate).
可以安排两个应用使用相同的linux用户id，这种情况下，它们就可以访问对方的文件。为了节省系统资源，拥有相同用户id的应用将被安排运行在同一个进程并且共享虚拟机(前提是应用必须有相同的签名证书)。

An app can request permission to access device data such as the user’s contacts, SMS messages, the mountable storage (SD card), camera, Bluetooth, and more. All app permissions must be granted by the user at install time.
一个应用可以请求访问设备数据的权限，比如用户联系人，短信信息，挂载存储(sd卡)，照相机，蓝牙甚至更多。所有应用权限必须在安装的时候得到用户的批准。

That covers the basics regarding how an Android app exists within the system. The rest of this document introduces you to:
为了能够完整覆盖关于一个安卓应用是怎么存在于系统的基础知识。这篇文档的剩余部分将向你介绍:

The core framework components that define your app.
定义应用程序的核心框架组件

The manifest file in which you declare components and required device features for your app.
为你的应用声明组件和请求设备特性的清单文件。

Resources that are separate from the app code and allow your app to gracefully optimize its behavior for a variety of device configurations.
和应用代码隔离开，在各种设备配置上让你优雅的优化应用行为的资源