doc tweaks

jdcormie · jdcormie · commit 148457debaab · 2025-06-03T12:40:25.000-07:00
diff --git a/binder/src/main/java/io/grpc/binder/BinderChannelBuilder.java b/binder/src/main/java/io/grpc/binder/BinderChannelBuilder.java
@@ -284,19 +284,19 @@ public BinderChannelBuilder strictLifecycleManagement() {
   }
 
   /**
-   * Checks servers against this channel's {@link SecurityPolicy} *before* binding.
+   * Checks servers against this Channel's {@link SecurityPolicy} *before* binding.
    *
    * <p>Android users can be tricked into installing a malicious app with the same package name as a
    * legitimate server. That's why we don't send calls to a server until it has been authorized by
    * an appropriate {@link SecurityPolicy}. But merely binding to a malicious server can enable
-   * "keep-alive" and "background activity launch" attacks, even if security policy ultimately
+   * "keep-alive" and "background activity launch" abuse, even if security policy ultimately
    * causes the grpc connection to fail. Pre-authorization is especially important for security when
    * the server's address isn't known in advance but rather resolved via target URI or discovered by
    * other means.
    *
    * <p>Note that, unlike ordinary authorization, pre-authorization is performed against the server
-   * app's UID, not the UID of the server process. These can be different, most commonly due to
-   * services that set `android:isolatedProcess=true`.
+   * app's UID, not the UID of the process hosting the bound Service. These can be different, most
+   * commonly due to services that set `android:isolatedProcess=true`.
    *
    * <p>Pre-authorization is strongly recommended but it remains optional for now because of this
    * behavior change and the small performance cost.

Original file line number	Diff line number	Diff line change
`@@ -284,19 +284,19 @@ public BinderChannelBuilder strictLifecycleManagement() {`
`284`	`284`	`}`
`285`	`285`
`286`	`286`	`/**`
`287`		`- * Checks servers against this channel's {@link SecurityPolicy} before binding.`
	`287`	`+ * Checks servers against this Channel's {@link SecurityPolicy} before binding.`
`288`	`288`	`*`
`289`	`289`	`* <p>Android users can be tricked into installing a malicious app with the same package name as a`
`290`	`290`	`* legitimate server. That's why we don't send calls to a server until it has been authorized by`
`291`	`291`	`* an appropriate {@link SecurityPolicy}. But merely binding to a malicious server can enable`
`292`		`- * "keep-alive" and "background activity launch" attacks, even if security policy ultimately`
	`292`	`+ * "keep-alive" and "background activity launch" abuse, even if security policy ultimately`
`293`	`293`	`* causes the grpc connection to fail. Pre-authorization is especially important for security when`
`294`	`294`	`* the server's address isn't known in advance but rather resolved via target URI or discovered by`
`295`	`295`	`* other means.`
`296`	`296`	`*`
`297`	`297`	`* <p>Note that, unlike ordinary authorization, pre-authorization is performed against the server`
`298`		`- * app's UID, not the UID of the server process. These can be different, most commonly due to`
`299`		- * services that set `android:isolatedProcess=true`.
	`298`	`+ * app's UID, not the UID of the process hosting the bound Service. These can be different, most`
	`299`	+ * commonly due to services that set `android:isolatedProcess=true`.
`300`	`300`	`*`
`301`	`301`	`* <p>Pre-authorization is strongly recommended but it remains optional for now because of this`
`302`	`302`	`* behavior change and the small performance cost.`