I'd like to take away a certain permission from an application. I know CM7 has integrated this feature, but it's my wife's phone, and she likes ComRom 2.1. Would I be able to achieve this by editing the AndroidManifest.xml file to exclude that specific permission?
Related
How do you change where config files and libraries are stored for a particular apk? I want to move some config files to /system but I don't know how to get the app to recognize them once I move them. I already decoded the thing and have access to all the smali files, but don't know what to do with them. If anyone could just point me in the right direction so I could learn more about this, about what file tells the install where to look, that would be fantastic. Like, why does a library work if it is in /system/lib/ OR if it is in /data/data/apkname/lib/?
I am trying to sync a rostering app between two devices using dropsync.
The .db files that need syncing are in the /data/data/com.blah.blah/databases directory. Using Root explorer I can change the permissions to give full rw permission to others. The two .db files will then upload to the dropsync server.
The problem is that whenever the app is opened and anything modified, the permissions change back to default and thus dropsync can't access the modified .db
Is there anyway to change this or am I wasting my time? what is the 'sticky' box option in RE?
I'm not sure precisely what "sticky" means, but it's not what you want--it doesn't involve persistence or "sticking".
You could try to make the files not owned by the app but set it so the group is the app. Make sure the group can read/write/execute, or whatever it needs. This way, the app can still use the file but won't be able to change its permissions.
Of course, it could see that it doesn't own the file and refuse to run. I'm not sure what sort of checks the program's authors implemented. This also won't work if the file is deleted and created anew--the new file would be owned by the app.
Yeah thanks for that,
I tried the ownership and group swap earlier, and am pretty sure the app re- writes the db.
Don't think is going to work.
cheers
Well its obvious that the app, when opened sets the permissions to the .db files so that they wont be usable by others. The way you describe the problem is more likely to be a file owner problem and not with the permissions. Try to set the app and the files to the same owner and see if that works. You could always make a script that would change the permissions/ownership of the file.
FYI,
The sticky bit is a special part of the permissions mask for a file or directory. When set on a directory, it tells the system to prevent anyone but a containing file's owner from deleting files in that directory. This is handy if you have a directory that's being used by multiple users on a system as scratch space as it prevents people from wiping out others' files.
For files....the behavior isn't defined.
Hope this helps,
- chris
Hi, I have recently tried to create a program which outputs the permissions required by a apk using the command "aapt d permissions apkfilename.apk". I tried it on a list of apk files and most of it worked. However there appears to be 1 apk which provides an error stating: dump failed because no AndroidManifest.xml found. There is also another second apk file which provides no error message when the aapt command is used, however no permissions are listed. Based on that observation I have a couple of questions regarding permissions.
1.) I was wondering, is it possible for a apk file to work on a phone despite not having a androidmanifest.xml file (after the apk is installed into the phone)?
2.) In addition to that, is it possible for a apk file (after the apk is installed into the phone) to use permissions without asking the user for permission?
3.)Is there any another file/command which could definitely list the permissions required by the apk, assuming if the person who created the apk tried to hide the permissions required?
4.)The aapt program output two types of permission, uses-permission and permission. What are the differences between the two?
dk3498 said:
Hi, I have recently tried to create a program which outputs the permissions required by a apk using the command "aapt d permissions apkfilename.apk". I tried it on a list of apk files and most of it worked. However there appears to be 1 apk which provides an error stating: dump failed because no AndroidManifest.xml found. There is also another second apk file which provides no error message when the aapt command is used, however no permissions are listed. Based on that observation I have a couple of questions regarding permissions.
1.) I was wondering, is it possible for a apk file to work on a phone despite not having a androidmanifest.xml file (after the apk is installed into the phone)?
Click to expand...
Click to collapse
To my knowledge, no, it wouldn't work.
dk3498 said:
2.) In addition to that, is it possible for a apk file (after the apk is installed into the phone) to use permissions without asking the user for permission?
Click to expand...
Click to collapse
Yes, this is possible. This is usually done by malicious applications.
dk3498 said:
3.)Is there any another file/command which could definitely list the permissions required by the apk, assuming if the person who created the apk tried to hide the permissions required?
Click to expand...
Click to collapse
XPrivacy, an android app, could be of use here.
dk3498 said:
4.)The aapt program output two types of permission, uses-permission and permission. What are the differences between the two?
Click to expand...
Click to collapse
See here.
Hi Theonew, thanks for the help :good:. So am i right to assume that malicious apk files could avoid stating the permission used/required in the androidmanifest.xml but still be able to use it behind the scenes?
dk3498 said:
Hi Theonew, thanks for the help :good:. So am i right to assume that malicious apk files could avoid stating the permission used/required in the androidmanifest.xml but still be able to use it behind the scenes?
Click to expand...
Click to collapse
Yes, this is possible. XPrivacy comes in handy here since it shows you the permissions which the app requested upon installation (hence you granted), and also shows the permissions the app actually used. Sometimes these include ones which were not requested/granted.
This and this may be in your interest. If not, they're still interesting reads .
** I dont have enough posts yet so cannot start thread in the correct section, so posted it below here in general **
I have all the content ready to add to an app and been searching for the right template and came across an app that has the look and feel I want.
I used autoapktool2.0.0 and it dissasembles the app fine so you can access the xml and other files. I am also able to edit a test apk and recompile and sign it with the above software fine. It creates 2 different folders one build which has a created classes file and one called dist that has the completed recompiled apk
however, when i try one specific apk I am able to decompile it fine, but when it comes to recompiling it after making a tiny test edit it will not do it.
I creates the classes file fine but it does not recompile the whole source files into an apk, so the dist folder is not created.
Why will it not recompile the whole thing?, is there something I am doing wrong or is the thing protected?
can someone test it for me using same methods I done and see what their result is?
(no errors were given when recompiling, it acted as if it was complete but it was not, as no apk created)
I have attempted numerous times to change the Online, Offline, Away, and Busy presence files in the Google Talk app. This images are located in the assets folder. Although I replace them, recompile and resign, my modified images do not show. I still see the original images. If I view the contents of the APK, they are there in the assets folder. Am I missing something?