{ "id": "175856", "key": "AC-6639", "fields": { "issuetype": { "id": "1", "description": "A problem which impairs or prevents the functions of the product.", "name": "Bug", "subtask": false }, "project": { "id": "12217", "key": "AC", "name": "Appcelerator - INBOX", "projectCategory": { "id": "10000", "description": "", "name": "Customer Service" } }, "resolution": null, "resolutiondate": null, "created": "2020-12-04T08:08:51.000+0000", "labels": [], "versions": [ { "id": "17038", "name": "Appcelerator Studio 4.5.0", "archived": false, "released": false } ], "issuelinks": [], "assignee": { "name": "amukherjee", "key": "amukherjee", "displayName": "Abir Mukherjee", "active": true, "timeZone": "America/Los_Angeles" }, "updated": "2020-12-07T04:14:11.000+0000", "status": { "description": "The issue is open and ready for the assignee to start work on it.", "name": "Open", "id": "1", "statusCategory": { "id": 2, "key": "new", "colorName": "blue-gray", "name": "To Do" } }, "components": [ { "id": "14548", "name": "Titanium SDK & CLI", "description": "Please enter tickets related to the MobileSDK here." } ], "description": "We have done the security scan for our android app which is build using titanium sdk\r\n\r\nAs per the output of security, scan says that \"This app can kill any other running app including itself\"\r\n\r\nDetails:\r\norg.appcelerator.titanium.util.TiUIHelper\r\norg.appcelerator.titanium.TiExceptionHandler\r\n\r\nAbove API is responsible for the same.\r\n\r\nSo is there are any security concerns related to the mentions API. ", "attachment": [], "flagged": false, "summary": "Is it possible titanium android app can kill any other running app including itself.", "creator": { "name": "shishir.roy", "key": "shishir.roy", "displayName": "shishir.roy", "active": true, "timeZone": "America/Los_Angeles" }, "subtasks": [], "reporter": { "name": "shishir.roy", "key": "shishir.roy", "displayName": "shishir.roy", "active": true, "timeZone": "America/Los_Angeles" }, "environment": "Android ", "comment": { "comments": [ { "id": "457797", "author": { "name": "jquick", "key": "jquick", "displayName": "Joshua Quick", "active": true, "timeZone": "America/Los_Angeles" }, "body": "I'm not exactly sure what your security scanner is referring to in those classes. We've ran security scanners on our software before and I don't recall a warning such as this. Can you provide us more detail? Like what Java APIs the scanner has a problem with?\r\n\r\nI'm especially baffled by it flagging our {{TiExceptionHandler}}, which is used to catch unhandled exceptions. If anything, that helps prevent the app from kill itself.\r\n", "updateAuthor": { "name": "jquick", "key": "jquick", "displayName": "Joshua Quick", "active": true, "timeZone": "America/Los_Angeles" }, "created": "2020-12-04T18:16:29.000+0000", "updated": "2020-12-04T18:16:29.000+0000" }, { "id": "457815", "author": { "name": "shishir.roy", "key": "shishir.roy", "displayName": "shishir.roy", "active": true, "timeZone": "America/Los_Angeles" }, "body": "One of our client run zimperium tools for our app which is developed using titanium sdk. So they have provided us the result which says that \"*This app can kill any other running app including itself*\"\r\n\r\nand more details of APIs \r\n\r\norg.appcelerator.titanium.util.TiUIHelper\r\norg.appcelerator.titanium.TiExceptionHandler\r\n\r\nSo we wanted to know that is any possibility of the above scenario could happen in the android app which is developed using Titanium sdk.", "updateAuthor": { "name": "shishir.roy", "key": "shishir.roy", "displayName": "shishir.roy", "active": true, "timeZone": "America/Los_Angeles" }, "created": "2020-12-07T04:14:11.000+0000", "updated": "2020-12-07T04:14:11.000+0000" } ], "maxResults": 2, "total": 2, "startAt": 0 } } }