java.lang.SecurityException: Package com.android.settings does not belong to 1001
2014-09-26 14:17
1821 查看
曾经遇到过的一个问题,留作记录。
Can’t switch to flight mode
Log:
07-01 17:39:17.729 D/SwitchAirplaneModeEnabler( 1261): setAirplaneModeOn(true)
07-01 17:39:17.729 E/DatabaseUtils( 981): Writing exception to parcel
07-01 17:39:17.729 E/DatabaseUtils( 981): java.lang.SecurityException: Package com.android.settings does not belong to 1001
07-01 17:39:17.729 E/DatabaseUtils( 981): at android.app.AppOpsManager.checkPackage(AppOpsManager.java:1142)
07-01 17:39:17.729 E/DatabaseUtils( 981): at android.content.ContentProvider.getCallingPackage(ContentProvider.java:570)
07-01 17:39:17.729 E/DatabaseUtils( 981): at com.android.providers.settings.SettingsProvider.call(SettingsProvider.java:635)
07-01 17:39:17.729 E/DatabaseUtils( 981): at android.content.ContentProvider$Transport.call(ContentProvider.java:325)
07-01 17:39:17.729 E/DatabaseUtils( 981): at android.content.ContentProviderNative.onTransact(ContentProviderNative.java:275)
07-01 17:39:17.729 E/DatabaseUtils( 981): at android.os.Binder.execTransact(Binder.java:404)
07-01 17:39:17.729 E/DatabaseUtils( 981): at dalvik.system.NativeStart.run(Native Method)
07-01 17:39:17.729 D/AndroidRuntime( 1261): Shutting down VM
How to check:
When enable flight mode, it will update one attribute in the setting’s DB. When updating the value, security error occurs, saying “Package com.android.settings does not belong to 1001”. From the error information,
We understand that the user id which is accessing the DB is 1001(phone) while the package which it belonged to is 1000(the package is com.android.settings and in the manifest it is declared that it is the “system” group, the value is 1000).From Android4.3,
there is the permission management module called Appops, it will check if the process id and the id which the package belongs to are identical in case of the application is hacked. In this case, it detected that they are different, so the FC occurred.
Tracing the code to AppOpsManager.java, it call checkPackage(), and then the AppOpsSevice.checkpackage is called. In this function,
pkgUid = mContext.getPackageManager().getPackageUid(packageName, UserHandle.getUserId(uid));
The returned packageUid is 1001, not same as the 1000 which is the uid of com.android.settings.
But as a process in system group, the operation which an activity in “phone” process should be valid, since in the ContextImpl.java
if (ainfo.uid == Process.SYSTEM_UID && ainfo.uid != Process.myUid()) {
// Special case: system components allow themselves to be loaded in to other
// processes. For purposes of app ops, we must then consider the context as
// belonging to the package of this process, not the system itself, otherwise
// the package+uid verifications in app ops will fail.
mOpPackageName = ActivityThread.currentPackageName();
} else {
mOpPackageName = mBasePackageName;
}
So it’s really strange that this case has been considered in the code, but it doesn’t work After checking the code carefully, We found that the init of the contentResolver is before the code sniff mentioned above.
At that time, the mOpPackageName is not set at all. So the solution for this is moving the code of initiating the contentResolve after initiating mopPackageName.
….
} else {
mOpPackageName = mBasePackageName;
}
}
mContentResolver = new ApplicationContentResolver(this, mainThread, user);
After changing this, we are wondering why this error is found till now since it is from AOSP4.4. After checking the settings of AOSP4.4, it won’t access DB when enable/disable flight mode. Accessing DB when enable/disable
flight mode is QUALCOMM specified. That’s why the issue happened on Nokia phone but not AOSP.
Can’t switch to flight mode
Log:
07-01 17:39:17.729 D/SwitchAirplaneModeEnabler( 1261): setAirplaneModeOn(true)
07-01 17:39:17.729 E/DatabaseUtils( 981): Writing exception to parcel
07-01 17:39:17.729 E/DatabaseUtils( 981): java.lang.SecurityException: Package com.android.settings does not belong to 1001
07-01 17:39:17.729 E/DatabaseUtils( 981): at android.app.AppOpsManager.checkPackage(AppOpsManager.java:1142)
07-01 17:39:17.729 E/DatabaseUtils( 981): at android.content.ContentProvider.getCallingPackage(ContentProvider.java:570)
07-01 17:39:17.729 E/DatabaseUtils( 981): at com.android.providers.settings.SettingsProvider.call(SettingsProvider.java:635)
07-01 17:39:17.729 E/DatabaseUtils( 981): at android.content.ContentProvider$Transport.call(ContentProvider.java:325)
07-01 17:39:17.729 E/DatabaseUtils( 981): at android.content.ContentProviderNative.onTransact(ContentProviderNative.java:275)
07-01 17:39:17.729 E/DatabaseUtils( 981): at android.os.Binder.execTransact(Binder.java:404)
07-01 17:39:17.729 E/DatabaseUtils( 981): at dalvik.system.NativeStart.run(Native Method)
07-01 17:39:17.729 D/AndroidRuntime( 1261): Shutting down VM
How to check:
When enable flight mode, it will update one attribute in the setting’s DB. When updating the value, security error occurs, saying “Package com.android.settings does not belong to 1001”. From the error information,
We understand that the user id which is accessing the DB is 1001(phone) while the package which it belonged to is 1000(the package is com.android.settings and in the manifest it is declared that it is the “system” group, the value is 1000).From Android4.3,
there is the permission management module called Appops, it will check if the process id and the id which the package belongs to are identical in case of the application is hacked. In this case, it detected that they are different, so the FC occurred.
Tracing the code to AppOpsManager.java, it call checkPackage(), and then the AppOpsSevice.checkpackage is called. In this function,
pkgUid = mContext.getPackageManager().getPackageUid(packageName, UserHandle.getUserId(uid));
The returned packageUid is 1001, not same as the 1000 which is the uid of com.android.settings.
But as a process in system group, the operation which an activity in “phone” process should be valid, since in the ContextImpl.java
if (ainfo.uid == Process.SYSTEM_UID && ainfo.uid != Process.myUid()) {
// Special case: system components allow themselves to be loaded in to other
// processes. For purposes of app ops, we must then consider the context as
// belonging to the package of this process, not the system itself, otherwise
// the package+uid verifications in app ops will fail.
mOpPackageName = ActivityThread.currentPackageName();
} else {
mOpPackageName = mBasePackageName;
}
So it’s really strange that this case has been considered in the code, but it doesn’t work After checking the code carefully, We found that the init of the contentResolver is before the code sniff mentioned above.
At that time, the mOpPackageName is not set at all. So the solution for this is moving the code of initiating the contentResolve after initiating mopPackageName.
….
} else {
mOpPackageName = mBasePackageName;
}
}
mContentResolver = new ApplicationContentResolver(this, mainThread, user);
After changing this, we are wondering why this error is found till now since it is from AOSP4.4. After checking the settings of AOSP4.4, it won’t access DB when enable/disable flight mode. Accessing DB when enable/disable
flight mode is QUALCOMM specified. That’s why the issue happened on Nokia phone but not AOSP.
相关文章推荐
- 解决java.lang.SecurityException: Package android does not belong to 10065
- java.lang.SecurityException: Not allowed to bind to service Intent { act=com.android.testAIDLServic
- Caused by: java.lang.SecurityException: Permission Denial: not allowed to send broadcast android.int
- java.lang.SecurityException: Sending SMS message: User 10034 does not have android.permission
- Android:java.lang.SecurityException: Not allowed to change Do Not Disturb state
- Caused by: java.lang.SecurityException: Permission Denial: not allowed to send broadcast android.intent.action.HEADSET_PLUG
- Caused by: java.lang.SecurityException: Permission Denial: not allowed to send broadcast android.int
- java.lang.SecurityException: Unknown calling package name, com.google.android.gms.common.internal.zz
- java.lang.SecurityException: Sending SMS message: uid 10047 does not have android.permission.SEND_SM
- android java.lang.SecurityException: Permission Denial: not allowed to send broadcast
- java.lang.ClassNotFoundException: package com.xiangang.qq_client.Prototal 常见异常处理方法
- java.lang.SecurityException: Permission Denial: writing com.android.deskclock.AlarmProvider uri cont
- Android Caused by: java.lang.IllegalArgumentException: column '_id' does not exist
- Android Caused by: java.lang.IllegalArgumentException: column '_id' does not exist
- Android Caused by: java.lang.IllegalArgumentException: column '_id' does not exist
- : java.lang.SecurityException: Unable to find app for caller android.app.ApplicationThreadProxy 解决方法
- Android Caused by: java.lang.IllegalArgumentException: column '_id' does not exist
- java.lang.ClassCastException:android.os.BinderProxy cannot be cast to com.
- ERROR/AndroidRuntime(716): java.lang.SecurityException: Binder invocation to an incorrect interface
- Eclipse下调试HBase程序报“Will not attempt to authenticate using SASL (java.lang.SecurityException : 无法定位登”