[AC-6639] Is it possible titanium android app can kill any other running app including itself.
| GitHub Issue | n/a |
|---|---|
| Type | Bug |
| Priority | n/a |
| Status | Open |
| Resolution | Unresolved |
| Affected Version/s | Appcelerator Studio 4.5.0 |
| Fix Version/s | n/a |
| Components | Titanium SDK & CLI |
| Labels | n/a |
| Reporter | shishir.roy |
| Assignee | Abir Mukherjee |
| Created | 2020-12-04T08:08:51.000+0000 |
| Updated | 2020-12-07T04:14:11.000+0000 |
Description
We have done the security scan for our android app which is build using titanium sdk
As per the output of security, scan says that "This app can kill any other running app including itself"
Details:
org.appcelerator.titanium.util.TiUIHelper
org.appcelerator.titanium.TiExceptionHandler
Above API is responsible for the same.
So is there are any security concerns related to the mentions API.
I'm not exactly sure what your security scanner is referring to in those classes. We've ran security scanners on our software before and I don't recall a warning such as this. Can you provide us more detail? Like what Java APIs the scanner has a problem with? I'm especially baffled by it flagging our
TiExceptionHandler, which is used to catch unhandled exceptions. If anything, that helps prevent the app from kill itself.One of our client run zimperium tools for our app which is developed using titanium sdk. So they have provided us the result which says that "*This app can kill any other running app including itself*" and more details of APIs org.appcelerator.titanium.util.TiUIHelper org.appcelerator.titanium.TiExceptionHandler So we wanted to know that is any possibility of the above scenario could happen in the android app which is developed using Titanium sdk.