1

I am developing an app in android which consists of activities that need to connect to the Database . I added my database file in assets folder which gets copied over to applications database directory on first time the app runs but "assets" directory and "data" directory(on rooted devices) can be accessed by any other application . I'm confusing between using database file or create database in code . If i create database in code it make the database file disappear in the "assets" folder . When users change the file extension from .apk to .zip ,database file will not appear in assest folder . What I should to do ?

Please give me some advice !

Improve this question

3 Answers 3

Reset to default
1

Both ways are good and useful it completely depends on your need. By creating database in code you can secure your data from other applications but it will take so much pain to create it in that way so i suggest you to use a db or sqlite file in assets folder and while copying database on device or data folder use some security parameters to encrypt it or you can hide your app database folder on device so other applications and users will be not able to access it easily.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

Well keeping Database in assets folder is not at all a bad practice plus it saves coding of creating a database , as far as you want to make it secure you have to do 2 things

1.keep you database in assests folder , and copy and save it in the internal memory , now its available only to your application and delete it from assests folder .

2.Use Proguard to protect it from somebody decompiling your application and obtaining the assests.

And yea if its a confidential data in the application and your application is worth it then you can also go for "encrypting data" but yea its a TDS task , see for yourself what suits you now.

Improve this answer

3 Comments

I want use database file from assests folder . But when some one change extension from .apk to .zip . They can see database file . It's not good .
For that you use proguard , and just like you are using ur database from assests folder, so put ur db in your assests folder and when the application starts just copy it from assests folder to internal memory and delete it from assests folder . Hence you get both the things : 1.using proguard you protected it from getting exposed to public even if somebody changes the apk to zip. 2.removing it from assets folder to internal memory makes it unavailable to any other application other than your ,and at the same time you can use it just the way you were using it when it was in assets folder
How to protect database in assests folder using proguard ??? Give me some tutor to do this !
0

Honestly, this is the best explained and a very complete tutorial on the subject SQLite Android Tutorial

Don't get repulsive, because it's a bit longer one. Everything is explained nicely and you don't have to do the thinking about the location of your asset folder on different devices and so on...

Improve this answer

1 Comment

I don't need a tutorial . I need some advice about secure SQLite database .

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.