I want to make an app that essentially mines every bit of data that it can from a phone for a university research project. For this, I will need to know what apps are open (all of them) and it seems that, as of API 21, just listing the current app is a rather tricky endeavor. If the user grants superuser access requested via:
<uses-permission android:name="android.permission.ACCESS_SUPERUSER">
</permission>
can I get around Googles obvious attempts to make it harder to get even tiny bits of information out of the phone. Or have they gone as far as making superuser access not so super anymore?
Also, I know I can just root the device, but this application will be installed on other peoples devices (data will be stored locally). As I understand it, non rooted devices can still grant superuser access upon permission (or via toast message if permissions are not listed in the manifest)
EDIT: apparently, as of android 5.0, SU is no longer available to non rooted devices...
Thanks
Related
I need to Turn ON/OFF Mobile data programmatically. For this issue I need to use MODIFY_PHONE_STATE permission.
As we know in latest Android versions it's not possible for non-rooted phones unless the app has system rights.
I know that exists some workaround how to sign the app as system app. But as I understand it's not possible to publish such app at the Play Store.
My question is the next - is it possible to get system rights officially? If it is possible which way I have to go to get them?
THe only way to get them is a rooted device, or to build the device image yourself. The idea of system permissions is that only apps which are trusted by the creator of the system (the OEM) can request them. You can also get them by rooting the device, because of how they're granted (its based on the directory the app is installed in, which can be accessed if you have root). But there is no way to do it without root or without creating your own OS image.
MODIFY_PHONE_STATE is a system-only permission so there's no way to get that permission unless you root your phone.
I list all permissions of the new installed application on Android device. But I want to detect when an application uses these permission. For example, I installed an app and it uses READ_CALENDAR permission. It is not always read my calendar data. I want to detect the time it reads my calendar data. Is it possible?
No, I don't think this is possible. You would need to be able to monitor each external app, and you don't have the ability to know what they are doing (due to security restrictions on Android). In other words, your app doesn't have the ability to monitor the actions of other apps (not written by you) on the device.
I don't think you have access to the system at the level you would need to perform this (this may be possible on a Rooted phone, but I think that would still be difficult).
When you write an app you have to insert in the android manifest all the possible "uses permissions", for all the functionality that your app will use.
When someone installs your app, before the installation procedure, he can read all the permissions used from the app. If you accept to install it, the app will use all those permissions listed.
I've been searching about this topic but I haven't found a clear solution yet. As far as I know, you can specify different protectionLevel in your AndroidManifest.xml, those permissions allow other applications to interact with the one you are developing. As an example, imagine that I want to kill a processes, that is not mine (from another package) or that I want to install a driver I've developed. In both cases the problem is the same, those things need to be run as a system / root. How can I develop programs that require system / root permissions, do I need an special license?
Note: Please, note that granting the permission:
<uses-permission android:name="android.permission.KILL_BACKGROUND_PROCESSES"/>
Using android:sharedUserId="android.uid.system" does not work either.
Also, consider that I cannot ask the users to have their mobiles "rooted".
Thanks in advance.
Use
Process myprocess = Runtime.getRuntime().exec("su");
to request root access.
This is not possible.
Either you ask your users to root their devices or you limit your applications abilities to the things you can do without root access.
It is possible to not displaying the GUI of requesting root authorization from the user? in a rooted device, installed as a system application under /system/app
first of all, I'm not involved in any kind of Android development. I'm only curious.
The question is: does an app obtaining root privileges still need to declare its required permissions in the manifest?
I mean, if my app doesn't declare that it needs to acquire camera input, can it invoke some APIs or executable and acquire camera after becoming root?
I know this could sound stupid but I repeat, I'm just curious about Android features.
On your typical rooted Android device, (which would use the Superuser application and its corresponding su binary) applications which request root access can only run commands as root via the su binary.
So yes, in that the application itself still runs as a underprivileged user process, so anything it needs to do using the "normal" APIs still need the correct permissions. So if you want to (as in your example) access the camera using the normal Java API, you can't do that unless you have declared that permission.
But no, in that if your application requests and receives root privileges via the su binary, you can do anything you want within that command. So if you wrote a special binary or script that can access the camera outside of the normal API methods, that might work. (I suspect this would be more trouble than it's worth.)
It seems almost every android device comes without root permission, so some people provide a new ROM to root it. How do they achieve it? (Do they change anything in init process, or do they change some apps' access attributes on the storage, such as launcher or toolkit, or some process's uid/gid?)
I have a non-root mobile and another rooted one. I can't find the difference between them. The launcher are both with a uid/gid exceeding 10000.
In Linux desktop, this is controlled through the login process. But I still don't know the key reason.
It's confusing.
On a rooted Android, you can install apps that require special access (like the hardware)
Because the hardware manufacturers and the developers at Google did not want to let users tweak the hardware, the root user is blocked.
For example you can run softwares like Titanium backup (for making backups of application data), SetCPU (for overclocking your Android) and LES (Linux enhancement suite) if you have a rooted phone. Note that the rooted phone will allow apps to run through root only when asked for. Otherwise all the apps will work as the normal user.
In Linux, you can use the su command to get ALL the root permissions or sudo to get minimal root permissions (controlled su)
You can get the superuser permissions by rooting the phone, installing a terminal (Better Terminal Emulator) and typing "su" into the console. (Click "yes" if Superuser asks for permission)