License file (text file) contains User Identity

[kaizokan]

The license file is a normal .txt file containing the license code but also your full name and email address, which is accessible by any app with access to the memory of your phone.

M66B: "Because this is the nature of this kind of licenses. They need to be personal identifiable. The license of for example Titanium Backup works the same. Nevertheless, please create an issue for this, because of the nature of XPrivacy it is a valid concern."

If a name is necessary maybe generating the license code with the use of fake name (or code) and no email could do.

Ideas are welcome.

[amishmm]

Suggested solution:

1. Have import license option in settings
2. After import it can be stored in say /data/xprivacy/ (optionally delete file from sdcard after import)
3. Change owner and group of /data/xprivacy to that of XPrivacy app itself.
4. XPrivacy should look for it in /data/xprivacy/ instead of (or in addition to) /sdcard
5. (Optional) If valid license exists in /sdcard/ (but not in /data/xprivacy) then it may prompt user to import and then delete it.

If user uninstalls XPrivacy or wipes data. He can easily re-import it. (Obviously we assume that he has taken backup)

[M66B]

Test version: http://d-h.st/i4j