Difference between ServiceManager.addService(...) vs registering service in AndroidManifest.xml via <service> tag

[JonS]

Hi,

I notice that when I register my service directly via the ServiceManager (i.e. ServiceManager.addService(..) ), that it is only accessible if the client calls ServiceManager.getService(...).  So, if a client tries to invoke the usual Context.bindService(...), it will not return correctly.

However, if I register my service in the AndroidManifest.xml file using the <service> tags, then client's can bind to it properly using the Context.bindService call.

My question, is whether there are any benefits to using one over the other?  It seems that adding my service via the ServiceManager directly seems safer since it is not exposed to normal apps and therefore, they cannot invoke "startService" or "stopService" on it.  Is this accurate?  My service is a system service and I am trying to make it secure.

thanks!

J

[Quentin Swain]

Retrieving a service from the service manager returns a binder interface ... So your clients would talk through the binder interface that your service exposes. Registering a service with the manifest is used for apps to expose the component to other callers. If you have a system service it can be retrieved from the service manager but the client has to go through your interface. Either way you can use or check permissions on the caller, but if it is a system service as you say it would be more appropriate to register it with the service manager. Hope that helps some.

[JonS]

Thanks Quentin.  When I register my service using the ServiceManager, in my service, I just extend, MyService.Stub.   The problem I am having is that there is no "onBind" call like when I register using AndroidManifest.xml.  Since there is no "onBind" invocation first, I am unable to authenticate the client before they call my interface.  Is this expected?   I tried overriding the onBind call, but apparently that is a part of the "Service" class, which I do not extend.

Thanks!

J

[Quentin Swain]

So since clients will talk to your service via Binder. If your service has a reference to a context you could call checkCallingOrSelfPermission and require that callers have a permission in the implementations that are in your system service. If you take a look in the other system services like the LocationService for example there are convenience methods that perform checks on the permissions of the caller that do that. Binder  also exposes some methods to get information about the calling process like getCallingPid and getCallingUid. Below are two links to the browse-able android source if you want to take a look that might help as far as how other system services do permission checks and other methods available via binder to get information about the caller that can be used for permission checks.

 http://androidxref.com/4.2_r1/xref/frameworks/base/services/java/com/android/server/LocationManagerService.java#1423

http://androidxref.com/4.2_r1/xref/frameworks/base/core/java/android/os/Binder.java