Can anyone confirm that the documents directory file storage method with Flutter is secure or whether the AppData directory is where/how Android stores its Internal Storage files?

有谁能确认使用Flutter的document directory file storage方法是安全的,或者AppData directory是否位于Android如何存储其内部存储文件的位置?

I'm looking at storing some persistent local data on the device but I want to make sure the data I write is not plain text or accessible by anyone/anything else. If this was a regular Android application, I'd be using Android's Internal Storage which says data stored is "private to your application and other applications cannot access them (nor can the user). When the user uninstalls your application, these files are removed."

我希望在设备上存储一些持久的本地数据,但我希望确保我所编写的数据不是纯文本,也不是任何人或任何其他人都可以访问的。如果这是一个普通的Android应用程序,我就会使用Android的内部存储,它说存储的数据是“应用程序的私有数据,其他应用程序不能访问它们(用户也不能)”。当用户卸载应用程序时,这些文件将被删除。

Flutter has its own platform-agnostic way to read and write files and its documentation says saving things to its documents directory stores files "only it can access. The system clears the directory only when the app is deleted. On iOS, this corresponds to NSDocumentsDirectory. On Android, this is the AppData directory."

Flutter有自己的平台无关的方式来读取和写入文件,它的文档说,将文件保存到它的文档目录中,“只有它可以访问”。系统只在删除应用程序时才清除目录。在iOS上,这对应于NSDocumentsDirectory。在Android上,这是AppData目录。

It looks like these are talking about the same thing and would therefore meet my security criteria, but these are things I'm not very familiar with and I don't want to take a risk with my users' data. I tried googling to find out what gets saved in the "AppData" directory on Android but mostly found people talking about their Android Studio installations.

看起来这些都是相同的东西,因此会满足我的安全标准,但这些是我不太熟悉的东西,我不想冒用户数据的风险。我试着在谷歌上搜索,看看Android上的“AppData”目录保存了什么,但大多数人都在谈论他们的Android Studio安装。

1 个解决方案

#1

1

Yes, NSDocumentDirectory on iOS and AppData on Android are secure locations.

是的,iOS上的NSDocumentDirectory和Android上的AppData都是安全位置。

This line from the example gives you the correct path for storing files which can only be accessed by your app:

示例中的这一行为您提供了存储文件的正确路径,这些文件只能由您的应用程序访问:

String dir = (await PathProvider.getApplicationDocumentsDirectory()).path;

String dir = (wait PathProvider.getApplicationDocumentsDirectory()).path;

On Android dir resolves/data/data/com.yourcompany.AppName/. On iOS devices the folder is /var/mobile/Containers/Data/APP_ID/Documents.

在Android上dir / com.yourcompany.AppName /解析/数据/数据。在iOS设备上,文件夹是/var/ mobile/containers/data/app_id/document

Check the Android Security Tips , the section on Internal Storage:

查看Android安全提示,内部存储部分:

By default, files that you create on internal storage are accessible only to your app. Android implements this protection, and it's sufficient for most applications.

默认情况下,你在内部存储上创建的文件只能被你的应用程序访问。

The exception here is that when your app runs on a rooted Android device, the app data folder is not secure any more, see https://stackoverflow.com/a/8184699.

这里的一个例外是,当你的应用程序运行在一个有根的Android设备上时,应用程序数据文件夹不再安全,参见https://stackoverflow.com/a/8184699。

更多相关文章

  1. Android的支持库 && app/apk包进系统 && 预置so库进系统 && 预置
  2. 为什么我的Android应用程序偶尔可以非常快地耗尽电池?
  3. Android Studio Gradle 缓存文件夹设置
  4. 如何在android 5.0(L)中运行应用程序活动名称?
  5. Android应用程序启动过程上
  6. NDK笔记---Android.mk文件
  7. android设备中的临时文件夹在哪里?
  8. 使用Java解析XML文件以获取名称列表
  9. cocos2d-x避免手动修改android.mk文件来编译

随机推荐

  1. php魔术常量教程
  2. PHP:微信支付服务商开发相关的那点事
  3. 使用PHP自建稳定可靠的守护程序
  4. 不要在循环体中使用array_push()
  5. PHP操作Redis的基本方法
  6. 详解正则表达式
  7. PHP-FPM与Nginx的通信机制总结
  8. PHP性能分析平台搭建
  9. PHP生成奖状
  10. PHP实现Snowflake生成分布式唯一ID