We all know that Android install apps in /data/app and app's data in /data/data.
I wonder if is possible to "ask" to the system to install the app in /sdcard instead, or on a custom path there.
I know that this isn't good for security reasons, but having the dex/libs accessible without root would be usefull for creating a (sort-of) sandbox.
I'm talking about normal "apk" apps (not just dex files that can be booted with dalvikvm command).
adb install -s will tell the system you want to install the application to the sdcard.
However, I'm not sure this is actually what you want. It creates an encrypted container on the sdcard, so it's not actually accessible in the way that you want.
So essentially, no, it's not possible. For exactly the reason you already mentioned (security).
Related
I'm making an app that read messages from Whatsapp, Viber, mails, etc. and groups it so you can read all that one person said to you in just one App.
To do this I'm trying to read the *.db files each App has on /data/data directory but have encountered two problems.
Since I'm new to programing for rooted phones I don't know how this works and have not found a good tutorial or any documentation. Do you have any that I could read to understand?
Once I know how to access /data/data with root, how can I read the *.db without making a copy. Many other topics say that I should copy the *.db file to a folder and read it there, but wouldn't it be a lot more simple to just read it from where it is?
Apps, regardless of whether the phone is rooted or not, can only ever read files that they themselves own, or that are public (e.g., on a SD card). This is because while the phone may be rooted, the apps themselves do not gain root access.
Instead, on your phone, you have an executable named su lets apps run root commands. However, by default, it refuses to let any app run any root commands. When you root your phone, you replace this executable by a new, modified version that lets approved apps run root commands. It is by using these root commands that you can gain indirect root access to the system.
Now, since you only have indirect root access for your app, you cannot just read any file from the file system. But if you run a root command to copy it to your own, private directory, where you do have permission to read it, your app can directly read it from there.
(Note: you can technically read files without copying them first, by using the su executable, but unless there's a real reason why you can't copy first, and you actually know what you're doing, you probably shouldn't even bother because it's rarely worth the trouble anyways, especially not for sqlite databases.)
For details about how to run root commands with su, see this link (which Gumbo posted in the comments above).
I searched a lot in DDMS all folders but can not find the location of my package folder in file manager. I have search it into the storage/sdcard0 but there also my package is not present.
take a look I uploaded photo. Is there any special setting from mobile ?
My phone android version 4.4.2
please help me to find.
UPDATE
I gone through this steps.
And I reach to My database folder .Now What to do.
adb shell
run-as com.mypackage
ls
cd databases
ls
Now After this what to do.
As you are looking for the database.
I used to copy the database file to any other location after updating it. ( in my code)
Then I use any sqlite viewer over phone or over PC to view it.
I Think you need a rooted device
as far as I know the files on sdcard/Android/data are not the primary files for the packages, those are only extra files (most probably not critical and large files) which are saved on the external storage which is the sdcard.
main package files are saved on the internal storage.
I think you can try this link
http://developer.android.com/guide/topics/data/install-location.html
you can change the location of app installation.
Br,
You can't see the files in DDMS, but you can get a list of the location of all the files using the command:
adb shell pm list packages -f
(you can also add an optional extra parameter to restrict the files listed to be those that match your extra parameter).
Once you have the location of the file, you can then issue a command like
adb pull /system/app/GoogleEarth.apk
to actually get the file off the device and on to your PC.
None of this requires a rooted device.
Since you're looking for the database of your application: Unfortunately there's no way to access the /data/data/your.package.name/databases through DDMS on an unrooted device, as Hussein Ali pointed out correctly. (By the way: The app-data (shared prefs, databases) will reside there no matter of the install-location)
Something like this won't work neither because of Permission denied.
adb pull /data/data/your.package.name/databases/db.sl3
Luckily ICS (Android 4.0) introducted the ability to backup your application-data. That's a possible way to copy your database from your unrooted device to your PC. Please see this post on StackOverflow in order to see what you need to do.
copy the database file to your SD card so you'll be able to use adb pull and get the database to your PC (You can't pull files from private folders such as /data/data/...).
I recommend using SQLite Expert to browse the DB on your desktop:
http://www.sqliteexpert.com/
Also, If you still want to use sqlite3 on your device, check out this answer: https://stackoverflow.com/a/7878236/624109
phone storage is treated as external storage in location "sdcard" where you havn't saved anything so nothing(package named folder) is created... your package will be in app's "private storage" that's in root "data/data/pkg_name" folder accessible only on rooted device.
So I want to prevent people from copying files out of my app while it is running.
1) Is there an easier way to detect if files are being copied off my device than through checking if the adb daemon is running?
2) Is there an easy way to enumerate all processes running on the Android OS from an app?
I know Android is not a very secure system, but I would at least like to make it difficult for people to copy files off of my app.
EDIT
To clarify my problem, all the files I have stored on the disk are encrypted. My concern is that I need to unencrpyt these files when accessing them in my app. I am trying to prevent someone from stealing these files while the app is running. I already delete the unencrypted files if someone exits out of the app.
Also, I was focused on adb because I was considering trying to delete unencrypted files if connected by usb. However, I know you can still run adb over wifi on a rooted phone. Now that I think about it, you can probably transfer files over by wifi on a rooted phone as well.
Also, obviously not having the files on the device is not an option.
You seem focused on adb, for unknown reasons.
With respect to internal storage, users cannot copy files off of internal storage of a device using adb, unless the device is rooted. And if the device is rooted, they do not need adb to copy files.
With respect to external storage, that is specifically designed to allow any app, or the user, to copy files from it, again without adb.
Hence, trying to detect adb is pointless.
I know Android is not a very secure system, but I would at least like to make it difficult for people to copy files off of my app.
Then don't put the files on the device in the first place.
I'm not sure if you mean that a user would use your application and put his phone on USB mode and proceed to transfer file off your application folder while your application is still running ?
If some files are needed in order for your application to function at runtime, can't your just make them private to your application ? Like illustrated in this article. Or simply don't put files on the device :)
I'm not sure what "copying files out of my app" means (is your app designed to show/provide files, or are you referring to the resources and other files used by your app).
In any case, you're wasting your time. Android is a very open platform and (particularly on rooted devices) people will always find a way to copy data if they want to.
I have an android application that gets invoked through ADB on a desktop machine. I have a properties file on the desktop machine which the android application somehow needs to be aware of, but they need to be external to the APK.
On the desktop (which will invoke the activities within the APK via ADB) I cannot easily repackage the APK with the .properties file and then re-install the APK on the phone (I tried this via aapt, but it is not preferable because it removes the signature on the APK and I cannot easily resign the apk on the particular desktop machine).
I would rather not pass them via intent extras, as there are a lot of them, and I cannot use adb shell setprop because it doesn't work while the phone is running. I also cannot put them on external storage because I am not guaranteed the phone will have an SD card. Can I put them in "internal storage" somewhere (if that exists) ?
I basically need to be able to pass numerous properties onto the device when I install the APK, but I cannot put them in the APK itself, and not all the devices will have SD cards.
Any ideas ?
Take a look at the method used here: android: transfer sqlite database from pc to device via usb programatically
When I copy a file from assets to the device, it copies just fine. The only problem is ownership. The file is ending up with the owner being 'app_59', and I need it to be 'system'. When I adb push a file, it goes as 'system'. I tried chown, I tried chmod 0777 the file, I just cannot seem to do it! Can anyone help :(
An application can't write something as the system user. That would be a serious violation of security. Also production devices do not provide root access from the shell, so it is not possible to push something to the device as anything besides the shell user; I assume you are doing your push on to the emulator, which is a very different environment in this regard (shell can run as root), so not applicable to a real device.