android:debuggable
Stay organized with collections
Save and categorize content based on your preferences.
OWASP category: MASVS-PLATFORM: Platform Interaction
Overview
The android:debuggable
attribute sets whether the application is
debuggable. It is set for the application as a whole and can't be overridden by
individual components. The attribute is set to false
by default.
Allowing the application to be debuggable in itself is not a vulnerability, but
it does expose the application to greater risk through unintended and
unauthorized access to administrative functions. This can allow attackers more
access to the application and resources used by the application than intended.
Impact
Setting the android:debuggable flag to true enables an attacker to debug the
application, making it easier for them to gain access to parts of the
application that should be kept secure.
Mitigations
Always make sure to set the android:debuggable
flag to false
when shipping
your application.
Content and code samples on this page are subject to the licenses described in the Content License. Java and OpenJDK are trademarks or registered trademarks of Oracle and/or its affiliates.
Last updated 2024-09-24 UTC.
[{
"type": "thumb-down",
"id": "missingTheInformationINeed",
"label":"Missing the information I need"
},{
"type": "thumb-down",
"id": "tooComplicatedTooManySteps",
"label":"Too complicated / too many steps"
},{
"type": "thumb-down",
"id": "outOfDate",
"label":"Out of date"
},{
"type": "thumb-down",
"id": "samplesCodeIssue",
"label":"Samples / code issue"
},{
"type": "thumb-down",
"id": "otherDown",
"label":"Other"
}]
[{
"type": "thumb-up",
"id": "easyToUnderstand",
"label":"Easy to understand"
},{
"type": "thumb-up",
"id": "solvedMyProblem",
"label":"Solved my problem"
},{
"type": "thumb-up",
"id": "otherUp",
"label":"Other"
}]
{"lastModified": "Last updated 2024-09-24 UTC."}
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Missing the information I need","missingTheInformationINeed","thumb-down"],["Too complicated / too many steps","tooComplicatedTooManySteps","thumb-down"],["Out of date","outOfDate","thumb-down"],["Samples / code issue","samplesCodeIssue","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2024-09-24 UTC."]]