Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How is Android permission enforced?

Tags:

android

java-native-interface

dalvik

If I call socket() function in JNI C methods, the application will still fail with a permission error. And if I put a uses-permission line in AndroidManifest.xml, the problem is fixed.

So it seems Android permission check is not implemented in Dalvik virtual machine since I'm calling a native C function and still gets checked. I would like to know how where check is performed, in Android kernel, or the application is traced with something like ptrace to intercept every system call, or any other way. Many thanks.

like image 636
ZelluX Avatar asked Mar 01 '11 13:03

ZelluX

People also ask

How does permissions work in Android?

Android app permissions can give apps control of your phone and access to your camera, microphone, private messages, conversations, photos, and more. App permission requests pop up the first time an app needs access to sensitive hardware or data on your phone or tablet and are usually privacy-related.

Can apps bypass Android permissions?

Android apps must ask for permission to access sensitive resources on the phone, like the GPS, the camera, or the user's contacts data. When you say that an app can't access your location data, the operating system can prevent it from doing so because it runs the app in its own sandbox.

Which permission is automatically granted by Android system?

Any app that is capturing the screen via a MediaProjection and requests SYSTEM_ALERT_WINDOW is automatically granted the permission unless the user has explicitly denied the permission to the app.

2 Answers

The checks are performed by the Linux kernel, using group membership to determine access rights.

If you look in the zygote fork code in the VM you can see it using setgroups() to set the supplementary groups IDs. If you chase it around a bit in the app framework code you can see where it determines the permissions and passes them down to forkAndSpecialize().

like image 67
fadden Avatar answered Nov 15 '22 14:11

fadden

Native code runs in the same sandbox that SDK apps use and are therefore subject to the same security model as SDK apps.

See Download the Android NDK:

If you write native code, your applications are still packaged into an .apk file and they still run inside of a virtual machine on the device. The fundamental Android application model does not change.

like image 21
RivieraKid Avatar answered Nov 15 '22 13:11

RivieraKid
Sign in to Comment

Related questions

Webview not able to load https url in android?
JNI error : Local reference table overflow 512 entries
Reasons for porting a Cordova App to a Mobile Chrome App?
no resource found @integer/google_play_services_version whats this? [duplicate]
A library uses the same package as this project after importing Facebook SDK
android - Paho MQTT service for publishing
Visual Studio doesn't let me debug on android physical device
RecyclerView LinearLayoutManager computeVerticalScrollOffset() not returning correct value
Does proguard converts all enums to int or needs to be configured for this
Dagger 2 issue overriding single provides annotated method from a module in a library which app uses
Custom Tab Indicator(With Arrow down like Indicator)
Logic to use multiple webview in TabLayout to handle memory issue
Getting mobile data usage history using NetworkStatsManager
After Upgrading to Google Play Services 9.0.0, App Hangs in DynamiteModulesC
Will FCM Token change periodically like GCM registration ID?
Take picture with drawable/paint on face using vision api
Firebase Firestore retrieve data Synchronously/without callbacks
Android Jetpack Navigation - Custom Action with Drawer Item
Why SMS Retriever API don't work in release mode?
ListAdapter not refreshing RecyclerView if I submit the same list with different item order

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!