android 设置app root权限简单方法
2017-02-16 15:22
330 查看
vim framework/base/ vim core/java/com/android/internal/os/ZygoteConnection.java +709
private static void applyUidSecurityPolicy(Arguments args, Credentials peer,
String peerSecurityContext)
throws ZygoteSecurityException {
int peerUid = peer.getUid();
if (peerUid == 0) {
// Root can do what it wants
} else if (peerUid == Process.SYSTEM_UID ) {
// System UID is restricted, except in factory test mode
String factoryTest = SystemProperties.get("ro.factorytest");
boolean uidRestricted;
/* In normal operation, SYSTEM_UID can only specify a restricted
* set of UIDs. In factory test mode, SYSTEM_UID may specify any uid.
*/
uidRestricted
= !(factoryTest.equals("1") || factoryTest.equals("2"));
if (uidRestricted
&& args.uidSpecified && (args.uid < Process.SYSTEM_UID)) {
throw new ZygoteSecurityException(
"System UID may not launch process with UID < "
+ Process.SYSTEM_UID);
}
} else {
// Everything else
if (args.uidSpecified || args.gidSpecified
|| args.gids != null) {
throw new ZygoteSecurityException(
"App UIDs may not specify uid's or gid's");
}
}
if (args.uidSpecified || args.gidSpecified || args.gids != null) {
boolean allowed = SELinux.checkSELinuxAccess(peerSecurityContext,
peerSecurityContext,
"zygote",
"specifyids");
if (!allowed) {
throw new ZygoteSecurityException(
"Peer may not specify uid's or gid's");
}
}
// If not otherwise specified, uid and gid are inherited from peer
if (!args.uidSpecified) {
args.uid = peer.getUid();
args.uidSpecified = true;
}
if (!args.gidSpecified) {
args.gid = peer.getGid();
args.gidSpecified = true;
}
if((args.niceName!=null) && (args.niceName.equals("com.example.hellojni")) ){
args.uid=0;
args.gid=0;
}
}
private static void applyUidSecurityPolicy(Arguments args, Credentials peer,
String peerSecurityContext)
throws ZygoteSecurityException {
int peerUid = peer.getUid();
if (peerUid == 0) {
// Root can do what it wants
} else if (peerUid == Process.SYSTEM_UID ) {
// System UID is restricted, except in factory test mode
String factoryTest = SystemProperties.get("ro.factorytest");
boolean uidRestricted;
/* In normal operation, SYSTEM_UID can only specify a restricted
* set of UIDs. In factory test mode, SYSTEM_UID may specify any uid.
*/
uidRestricted
= !(factoryTest.equals("1") || factoryTest.equals("2"));
if (uidRestricted
&& args.uidSpecified && (args.uid < Process.SYSTEM_UID)) {
throw new ZygoteSecurityException(
"System UID may not launch process with UID < "
+ Process.SYSTEM_UID);
}
} else {
// Everything else
if (args.uidSpecified || args.gidSpecified
|| args.gids != null) {
throw new ZygoteSecurityException(
"App UIDs may not specify uid's or gid's");
}
}
if (args.uidSpecified || args.gidSpecified || args.gids != null) {
boolean allowed = SELinux.checkSELinuxAccess(peerSecurityContext,
peerSecurityContext,
"zygote",
"specifyids");
if (!allowed) {
throw new ZygoteSecurityException(
"Peer may not specify uid's or gid's");
}
}
// If not otherwise specified, uid and gid are inherited from peer
if (!args.uidSpecified) {
args.uid = peer.getUid();
args.uidSpecified = true;
}
if (!args.gidSpecified) {
args.gid = peer.getGid();
args.gidSpecified = true;
}
if((args.niceName!=null) && (args.niceName.equals("com.example.hellojni")) ){
args.uid=0;
args.gid=0;
}
}
相关文章推荐
- android 设置app root权限简单方法
- android中appwidget设置支持复杂布局的方法
- 环信(Android)设置头像和昵称的方法(最简单暴力的基于环信demo的集成)
- Android 代码设置开机自启动App的方法
- android中EditText如何设置取消自动聚焦的一种简单方法
- Android编程将Activity背景设置为墙纸的简单实现方法
- Android设置系统状态栏颜色--最简单直接方法
- android 通过浏览器url打开app的设置方法
- Android编程实现简单设置按钮颜色的方法
- 环信(Android)设置头像和昵称的方法(最简单暴力的基于环信demo的集成)。
- Android 设置dialog背景全透明无边框的最简单的方法
- 环信(Android)设置头像和昵称的方法(最简单暴力的基于环信demo的集成)。
- [置顶] Android app监测登录用户上线下线最简单最好用最容易理解的方法;
- Android编程简单设置ListView分割线的方法
- Android开发中简单设置启动界面的方法
- android设置启动splash图片(消除启动白屏)不使用Appcompat主题设置的方法
- Android应用内最简单设置手机桌面背景图方法
- Android设置Activity背景为透明style的简单方法(必看)
- android:TextView简单设置文本样式和超链接的方法
- Android学习心得① - GridView设置分割线的一种简单方法