Dev Guide_Android Basics_Application Fundamenta

(1)

In this way, the Android system implements the principle of least privilege. That is, each application, by default, has access only to the components that it requires to do its work and no more. This creates a very secure environment in which an application cannot access parts of the system for which it is not given permission.

在這種方式下，Android系統實現了最小權限原則。也就是說，一個應用程序，默認狀況下只能訪問它運行須要的組件。這就建立了一個很是安全的環境，一個應用程序在沒有權限的狀況下沒法訪問系統的其餘模塊。

However, there are ways for an application to share data with other applications and for an application to access system services:

然而，也有一些容許應用程序共享數據的方法，和容許應用程序訪問系統服務的方法：

It's possible to arrange for two applications to share the same Linux user ID, in which case they are able to access each other's files. To conserve system resources, applications with the same user ID can also arrange to run in the same Linux process and share the same VM (the applications must also be signed with the same certificate).

 

能夠安排兩個應用程序共享相同的Linux用戶ID，這樣他們就能夠相互訪問文件。爲了保護系統資源，相同用戶ID的應用程序被安排在相同Linux進程裏，共享相同的虛擬機。

An application can request permission to access device data such as the user's contacts, SMS messages, the mountable storage (SD card), camera, Bluetooth, and more. All application permissions must be granted by the user at install time.

 

應用程序能夠經過申請權限訪問設備數據，例如用戶聯繫人，SMS消息，掛載的存儲設備（sd 卡），照相機，藍牙，等等。全部的應用程序權限必須在安裝的時候被用戶設定。