How can my app access admin level privileges on non-rooted device?

Question

Android requires super user for deleting, modifying or reading anything in the root directory except system which is read only.

However, I have noticed that even without a rooted device, some applications are able to take advantage of these processes. For example, Norton is able to do device wipes on non-rooted phones. Is there a way to grant my application similar access?

Answer 1

An application with Administrator Rights can use the Device Administration API. This API offers the ability to wipe the device.

Using this, it doesn't need any super-user permissions, it only needs device administrator rights.

To summarize how to use the Device Administration API:

1. You need a resource file declaring policies needed by your app

<device-admin xmlns:android="http://schemas.android.com/apk/res/android">
  <uses-policies>
    <wipe-data />
  </uses-policies>
</device-admin>

2. You need to implement a DeviceAdminReceiver to react to various administration event your app is interested in. (an empty implementation can be enough if you are only interested in wipe-device) (more details on how to setup this receiver: here)

3. You need the BIND_DEVICE_ADMIN permission

4. At some point (probably at start up) your app must trigger ACTION_ADD_DEVICE_ADMIN to ask to the user to grant "Device Administration Rights" to your app. (once those rights are granted, there is no reason to ask them again. The user always have the ability to un-grant those rights from the Settings app)

5. When your setup is correct (and if the user grant Device Admin rights to your app), you can invoke the DevicePolicyManager:

DevicePolicyManager devicePolicyManager = (DevicePolicyManager) context.getSystemService(Context.DEVICE_POLICY_SERVICE);
devicePolicyManager.wipeData(0);

Note that an app with device administrator rights cannot be un-installed. The user needs to manually remove those rights (with the Settings app) before being able to un-install it.