I'm a new Android developer and trying to make a package manager app. I have listed all installed apps, and now I want to uninstall the particular app without user interaction. Is it possible with unrooted phones?
The PackageManager class contains a #hide method : deletePackage. BUT you can't use it because :
It's an hidden method, therefore the only way to call it in a normal App is to use reflection (it is not recommended because it may break in future version of the Android API)
Usage of this method requires the permission android.Manifest.permission#DELETE_PACKAGES and this permission can only be granted to apps signed with the system key. (i.e. even if you ask this permission in your manifest it won't be granted unless your app is signed with the system key)
So you can't do it in a simple/standard app. Your only solution (on a non-rooted phone) is to sign your app with the system key and to do so you need to negotiate with the manufacturer so that your app get signed with their system key.
Related
I developed one parent and child communication Android application in which I wanted to restrict the child from uninstalling application. I have one solution that uses DevicePolicyManager. But still the application can be uninstalled without asking for password. If I remove the Device Administrator permission from the settings, then application is uninstalled from device?
Can anyone provide the valid solution for this cause?
You cannot prevent a user from uninstalling an app, from within the app code itself.
There is suggestions here How to prevent an application from being uninstalled?, but they are not foolproof.
The way around this is to use an android device with lollipop and upwards, so you can create a user account.
On the admin account, install an app that requires a password to uninstall apps. They are on the market (and free) I've used them. Or write one yourself.
Then on the child's account allow them whatever privileges you want them to have. They will be unable to touch the apps and uninstall them, unless on the admin account and with the password required for that app to uninstall other apps.
I have tried and tested this and it works.
I'm trying to put some pieces together regarding the Device Owner application.
With regards the the newly released EMM API, is there a way for the Device Owner application get system app permissions? I have noticed that the API allows remote package installation, but for this to work, the application needs to have INSTAL_PACKAGES permissions (reserved for system apps).
Also, is there any official documentation to the Android Hidden API, or is it all just code inspection and comments?
Device Owner does not have system app permissions.
On Marshmallow a Device Owner can call PackageInstaller and silently install apps.
The TestDPC basically shows all the features you can implement:
https://github.com/googlesamples/android-testdpc
For some more interesting info:
https://florent-dupont.blogspot.ca/2015/02/10-things-to-know-about-device-owner.html
I'm writing a system app for android devices that we supply to customers. We control the firmware and can add apps to the android image, including into the priv-app folder.
One of the requirements for our app is that it is able to reset our device's password. In order for a 'normal' app to do this, android requires that the app is set up as a device administrator.
Is there any way to pre-configure our app as a device administrator for our firmware, or an alternative way of setting a device password specifically for system apps?
A device admin application may set itself as admin using the hidden DevicePolicyManager.setActiveAdmin method. To do this, however, the application needs the android.Manifest.permission.MANAGE_DEVICE_ADMINS permission which requires platform signing.
System permissions by placing this application in /system/priv-app is not required - the permission is of type "signature".
I assume the platform signing is necessary since otherwise, the user must first accept the device admin setting policies.
Once admin, the application may set any policies including setting the password using DevicePolicyManager.resetPassword method.
Hope this helps.
/Marek Pola, Sony Mobile.
I'm building an Android app, and one of the permission I need is defined as:
android:protectionLevel="signature|system|development"
How do I get the signature protection level? Do I need to sign my application somehow?
Do I need to sign it with OEM ? (Samsung\HTC\LG)?
signature means that to be able to get access to the resource, your app have to be signed with the same certificate that the holder of the permission. If this is not your app you are trying to connect to, then you basically are out of luck. If that's system one then you are out of luck even more, This is documented here:
"signature"
A permission that the system grants only if the
requesting application is signed with the same certificate as the
application that declared the permission. If the certificates match,
the system automatically grants the permission without notifying the
user or asking for the user's explicit approval.
EDIT
Im trying to read logcat file through my application. this requires
the permission android.permission.READ_LOGS
You cannot access logs on stock ROM that are not created by your application. That's introduced for security reasons, so would not make sense to let you get it just because you need it. If you build own ROM, then you can have it, but then you should know this already.
I want to write tests for an application that uses the android device administration API . My problem is that the user needs to manually grant one-time approval for the application to have admin rights, otherwise a SecurityException is thrown at runtime.
a user can manually enable/disable admin rights for applications by going to settings->location & security -> select device administators. I would like to do it programmatically from within an AndroidTestCase.
I did not find a way to grant admin automatically.
Luckily, however, the AVD remembers that the application was granted admin and does not revoke it after installing a later version of the same app. Thus, after a manual one-time process of enabling admin on the emulator I can run all my tests that require admin, as long as i don't switch to another AVD.