How to get application package name or UID which is trying to bind my service from onBind function?

Question

I have a service in an application, and I can reach this service from different applications. And when applications are tried to bind this service I want to know which appli

Answer 1

I was looking how LocationManagerService restricts access, and here is what I found:

1. They make you pass the package name whenever you try to access location

// android.location.ILocationService

Location getLastLocation(LocationRequest request, String packageName) throws RemoteException;

2. When handling the transaction they check if the caller uid matches the package name that was provided (as mentioned in other answers there may be multiple package names that share same uid).

// com.android.server.LocationManagerService

public Location getLastLocation(LocationRequest r, String packageName) {
    ...
    checkPackageName(packageName);

    // From this point on we assume that the provided packageName is the real one
    if (mBlacklist.isBlacklisted(packageName)) {
        if (D) {
            Log.d(TAG, "not returning last loc for blacklisted app: "
                    + packageName);
        }
        return null;
    }
    ...
}
...
private void checkPackageName(String packageName) {
    if (packageName == null) {
        throw new SecurityException("invalid package name: " + null);
    }
    int uid = Binder.getCallingUid();
    String[] packages = mPackageManager.getPackagesForUid(uid);
    if (packages == null) {
        throw new SecurityException("invalid UID " + uid);
    }
    for (String pkg : packages) {
        if (packageName.equals(pkg)) return;
    }
    throw new SecurityException("invalid package name: " + packageName);
}

I guess, this is satisfactory, because for the apps to share uid they need to be signed with the same key, so could be equally trusted