Hi all,
I'm interested in developing a custom Android ROM that includes custom permissions which grant read/write access over certain character devices to third-party apps; is there a way to bind custom permissions to a specific a set of apps (defined by expected package signature, for instance, since they would not be built in to the ROM) which can take advantage of these custom permissions and would be the only apps allowed to do so?
thanks,
CCJ
Related
Mods, in case this is the wrong forum for this kind of discussion, feel free to move it. I'm a newbie here and the rules are always a bit ambiguous until you get a feel for how that particular community interprets them.
The problem I'm having is this: My phone is rooted and I've written a short application that moves the apk of another application to the SD, replacing it with a dummy file that in turn launches my application.
Moving the data to the SD isn't a problem and neither is moving it back, but informing the OS that it has been moved back is a different matter, as the particular broadcast message needed to inform other applications of the availability is protected by a UID check which will only allow root or system to proceed. While I can spawn a root shell, I haven't found a way to make this shell interact with the Android system, so the broadcast comes from my application which has a non-system UID and is therefoe denied.
I know I could sign my application with the system keys and add it to the shared system UID group, but let's be honest: that's more trouble than it's worth and would require me to re-sign all system applications on any device where I want my little app to run.
So I need a few API calls executed by an application that is already owned by a system user; a mediator which listens for requests from unprivileged applications and, after a user prompt, executes them in its own context.
I'm quite willing to write such a mediator service myself, but I don't want to duplicate work that's already being done... does anybody else know about
a) methods that would make such a mediator unnecessary
b) existing mediator services available on custom ROMs?
Update:
Right now I'm digging through the app_process source code, as it interfaces with the Android runtime from C++, which might allow for executing Android code under the UID of a Linux binary...
I'm creating a custom Android build (based on AOSP 4.0.1) and I need to be able to programatically enable and disable NFC from an app. After a little trial and error, I realized that the app would require the WRITE_SECURE_SETTINGS permissions, which is never given by Android to any non-system app. Installing the app as a system-app is not an option, since the android rom and the app will have to be distributed separately.
So my idea is (and considering that I'm creating a custom build) to find the file in the android source where it says that the NFC enable/disable setting requires the WRITE_SECURE_SETTINGS permission and then disable that. Can anyone point me to where this file would be located in the android source?
Hello -
I hope someone can help with making my app persistent in my custom ROM.
In the Android manifest, I have flagged my application as "persistent", so that it automatically restarts if it crashes, is less likely to be killed by the system, etc. I know that normal applications cannot use this setting, but I am working on a custom ROM, and I load my application into the priv-app folder, and so I am able to use it.
This works perfectly well on pre-Lollipop phones. However, when I build my APK into an Android 5 ROM, the "persistent" setting is no longer honoured. I can use 'dumpsys activity' to verify that my app is persistent on Android 4.4.4, but not on Android 5.0.
Is there some additional requirement for persistence in Android 5? I see that some system-supplied apps are still persistent, so it's not as if it's completely impossible. Thanks.
Figured it out myself eventually - turns out it was to do with selinux file permissions. I had to use chcon to copy the selinux file context from another file in the priv-app folder to sort it out.
You should put [SOLVED] in your thread title
Noob question.
What is the actual password to su on various smartphone models, say Galaxy S5 or LG L3?
Is it a fixed character string or a formula based upon some hw specific like MAC ID?
Why don't vendors and network providers verify certain apps for su and give those sw vendors their devices' root password, or is it done that way now?
OK found the following on the web.
root in Linux (or any Unix-like system) is just the user with User ID 0. The su program (which actually stands for "Switch User", not "Super User") is just a program to start another program with a different user ID than the starting program (by default to uid 0, which is to user root). Android does not use the traditional /etc/passwd, however it still uses Linux User ID and Group ID for managing permissions.
If you want to intercept su requests so you can ask for password or enforce other rules, you will need to replace /sbin/su with your own version of su. Alternative approach is the one described here:
http://www.koushikdutta.com/2008/11/fixing-su-security-hole-on-modified.html
though that will require applications to cooperate by firing an Intent when they want to switch user.
Android security framework is more or less like this: each installed application runs on its own User ID (selected at installation time), and application permissions is implemented as user groups.
Can i change the root password after rooting my android device by simply typing "passwd"?
Android does not use /etc/passwd so it also does not have*passwd*program.
how is the rooting process working ? i mean what is the "one click root" apps doing to my phone?
I'm not quire sure with the exact process myself, you probably want to ask to rooting developers. However, my guess is it just reverts the security check that originally prevent developer from setuid 0.
End of paste.
So the above is saying there are no passwords in Android. To give an app or file root privilege you must change the app's user id that runs it or users id of the user who created the file to 0 (zero).
Therefore giving root privilege to an app on Android is a su app that changes the user id to 0 of the app you want to give root privilege to.
So why don't hw vendors and network providers who provide the Android ROM include a special su app that checks (look up in a file) whether app is OK for root and then grants it ?
Is there a way, once rooting is done, and i have customized my phone a bit (a change in one of the config files of linux), to change the user accounts and permissions? To create a new user account and change the user that is used by the phone to be a non-root, non-sudo, standard user. And all apps to use this or another standard user account.
And my app (that i installed after rooting) use another account. Only this account will have permission to read and write my app's directory.
Finally change the root user password, so that others cannot get into it unless they have that password.
So in effect protect my apps directory and allow the phone to work with a non sudo user from then on?
Next time phone re boots it uses another user say A (non sudo); without access to my apps directory. And when my app runs it uses user B (also non sudo) which has access to its dir. Others cannot read or list files in it or change permissions. So in effect my apps directory cannot be read by the user of the phone, in this new set up. I understand there will be ways around this.
But is this possible and how?
Rooted using https://forum.xda-developers.com/android/general/root-samsung-galaxy-on5-t3435457 but i can do systemless root if that is the way.
Phone model : Samsung On 5 Pro SM-G5550FY. Thank you much.