It would seem that the consensus for maintaining free/paid for app versions is to use a Library, and to set a flag from each activity to get different functionality out of the code base.

How secure is this? It is my understaninding that a person could root their phone, obtain the APK and that this can be decompiled. Even if the code was obfuscated it wouldn't be too difficult to see that the application was a wrapper with a flag, and to fix the flag. Is this acceptable? I realise that there are always going to be ways around things, but this one seems quite easy.

Is there not a way in Eclipse where build flags can be used to compile different versions of code so that the full code isn't being given away in the free version?

In the Android TicTacToe sample code, the Activity launches another Activity. In my application, with separate Light and Pro packages working off the library, if I implement this method a base view is loaded and then the child view, and going back from the child view reveals the blank parent view. Is the way around this to extend the Main Activity in the library and not to setContentView in the base activities?

I would not suggest you to maintain only a single APK project. Instead, I would suggest you create three projects total; one is the Library itself, one is the free APK, and the other is the paid APK. Using this plan, your "free APK" project would do little on its own; it would effectively be a carrier for the library (though you can of course add its own code if appropriate). The "paid APK" would provide the additional functionality, and a means of telling the library to use it (through callbacks, reflection, whatever makes sense to you). This solves your concern of carrying code that you don't plan to use in that version and it doesn't require anything special of Eclipse or any other build environment.