Hello,
I've written a
small tool that allows loading Kindlets outside of their sandbox. Right now it only works for the Kindle 4 (software version 4.1.0), but I think it could be easily ported to Kindle 3 and Touch.
It implements a custom classloader for the kindlets, which skips all the sandboxing checks: certificates, java permissions and class whitelisting. With it, when launching a Kindlet for the first time, you will get a dialog (see attached screen-shot) asking if you want to allow it full permissions (using the custom classloader) or load it normally (inside the regular Kindlet API sandbox).
If you load it with full permissions:
- the certificate checks will not be performed; so the kindlet can be signed with a developer key, or not signed at all, it does not matter; you will not need to install any developer certificates.
- the kindlet will have full access to the device's filesystem, not just inside the regular sandbox -- it will be able to read and write any file.
- the kindlet will have full access to the Java framework's classes, not just to the Kindlet API. This is not as useful as it may sound due how heavily obfuscated the framework is.
Detailed documentation is available, as well as an already-built .jar ready-to-use.
Hope you find it useful
.
Cheers,
-pwr