MobSF Broadcast Receiver Issue
Started 2 months ago by Dhanasekar in React Native
Dhanasekar replied 2 months ago
Permission: com.google.android.c2dm.permission.SEND [android:exported=true] A Broadcast Receiver is found to be shared with other apps on the device t...
Body
Permission: com.google.android.c2dm.permission.SEND [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore
leaving it accessible to any other application on the device.
It is protected by a permission which is not defined in the analysed application.
As a result, the protection level of the permission should be checked where it is
defined. If it is set to normal or dangerous, a malicious application can request
and obtain the permission and interact with the component. If it is set to signature,
only applications signed with the same certificate can obtain the permission.
1 Replies
-
Replied 2 months ago
Just add this code in AndroidManifest.xml
<permissionandroid:name="com.google.android.c2dm.permission.SEND"
android:protectionLevel="signature" />
<receiver
android:name=".YourSecondBroadcastReceiver"
android:permission="com.google.android.c2dm.permission.SEND">
<!-- Intent filters and other configurations -->
</receiver>