[guardian-dev] Sharing encrypted content with other apps

David Holl david at ad5ey.net
Tue Jan 28 20:13:20 EST 2014


a) How feasible would it be to use "FUSE" to let an app appear as a whole
file system to another app?

On a quick search, it looks like there's some activity in porting libfuse
to android:
https://github.com/seth-hg/fuse-android
(and other ports)

I don't know if the Android kernel has been compiled with FUSE support
though.  (nevermind having the permissions to have your app-backed
filesystem mounted...)

But if it worked, then an app could provide full file access semantics --
more so than the clever pipe idea.


b) Another idea --- getting back to the clever pipe approach...  It would
be cool if unix socket URI's are available, such as
"unix:///tmp/data/blah.txt" or "socket:///tmp/data/blah.txt" or whatever
the URI scheme is.


c) But in lieu of a file socket, could an app share a document with another
app by creating it's own mini http server socket, but bound to localhost on
some randomized (OS-assigned) port?  Then the app could hand over a URI
such as http://localhost:23901/blah.txt


Would any of these ideas work?

/curious




On Tue, Jan 28, 2014 at 7:47 PM, Mark Murphy <mmurphy at commonsware.com>wrote:

> On Tue, Jan 28, 2014, at 16:37, Natanael wrote:
> > Couldn't you share a file specific decryption key via the Intent with the
> > app that needs to open it? But then it needs to be aware of that the file
> > is encrypted and use a specific API, unless you put the key in the
> > filename
> > it's supposed to make a request for when opening it (I don't think that's
> > a
> > good idea).
>
> Having an encryption key in the Uri would be seriously risky. Otherwise,
> yes, third-party apps would need to be encryption-aware, which has all
> sorts of problems (they aren't, it would require them to collect the
> passphrase, etc.).
>
> I have not tried having the request for content block while your app
> scurries around to try to collect a passphrase, but Android's
> architecture means that's unlikely to work well.
>
> --
> Mark Murphy (a Commons Guy)
> http://commonsware.com | http://github.com/commonsguy
> http://commonsware.com/blog | http://twitter.com/commonsguy
>
> _The Busy Coder's Guide to Android Development_: Version 5.5... And
> Still Going Strong!
> _______________________________________________
> Guardian-dev mailing list
>
> Post: Guardian-dev at lists.mayfirst.org
> List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev
>
> To Unsubscribe
>         Send email to:  Guardian-dev-unsubscribe at lists.mayfirst.org
>         Or visit:
> https://lists.mayfirst.org/mailman/options/guardian-dev/david%40ad5ey.net
>
> You are subscribed as: david at ad5ey.net
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mayfirst.org/pipermail/guardian-dev/attachments/20140128/d3d3ba46/attachment-0001.html>


More information about the Guardian-dev mailing list