7

Native programming platforms like React Native or Cordova gives the ability to developers to write their applications in JavaScript and publish it for both iOS and Android.

Although code-push is another service that allows the developer to update their application through cloud servers (not official app centers like Play Store or App Store), consider that a developer publish his safe app on the App Store or Play Store and after approval, update his app through code-push and add malicious logic to their app like sending user contacts or gallery images to their servers.

What guarantees for OS security are there in this scenario? And how does Google or Apple handle these apps?

Sajjad Iranmanesh
  • 89
  • 1
  • 6

1 Answers1

1

I believe there is a slight risk but you cannot use code-push to do native code changes. But still there is a risk and some steps have taken to monitor such cases. https://www.asotop1.com/blog/apple-begins-reject-hot-code-push/

Lakshitha Ruwan
  • 834
  • 8
  • 12