Disallow backups
ewanas opened this issue · comments
Currently in AndroidManifest.xml android:allowBackup is true which would allow the app data to be copied via USB debugging[1]
Fix
Disable android:allowBackup
Test
- Try to access backup
Actual result
- Backups should be accessible via adb
Expectation
- Backups should not be created
[1]: IncludeSec's 2021 Q2 security audit report pp. 8-9 Low-Risk Findings L2