How to deploy files into a device for multi-app access - android

My idea is to develop an application for Android, which is able to do the following:
The APK-File contains a resource, e.g. a pdf-file. And this file should be accessible for certain other apps. My intention is to install that /res/raw/-file in a dedicated Directory, e.g. /Download/PDF-Files, where it can be accessed by different applications.
This process should be done by installation of the app.
How should I configure the manifest.xml for that purpose?

During the installation process, no action can be performed unless the user presses 'open' to launch the app. The code that first executes after that is the onCreate() method of your MainActivity specified in your manifest. To do that you have to add the code in the onCreate() method. You also need to add the following permission:

Related

FileObserver on system files

For a survey I want to monitor user-compelled changes in the Android M application permission settings.
I decided to create a FileObserver watching /data/system/users/0/runtime-permissions.xml. This file holds all information but only has read/write access for the system -rw-------. chmod won't work because access privileges are restored on every change. So my monitoring app needs system permissions.
I followed this method to deploy my app directly to priv-app directory. Works like a charm, app is considered a system app, but still does not have permission to read the above-mentioned file. File.canRead() fails just as File.exists().
Is there maybe something I have to add in the AndroidManifest.xml to make it work, or is making use of the priv-app folder a complete wrong guess? Do I have to sign the application? For final deployment I wanted to add the application to a custom rom using some kind of kitchen.

Running a command as a shell user from an Android app

I am trying to execute an fopen() function on a file that is given permissions only to "shell" from a native (C++) application that is triggered from a service on my Android application. When I run the native code as a PIE from the shell, I am able to open the file for reading, but if I try from the Android application, it fails to open the file as the Android application is run in a different user space and so I am not able to open the file. My question is, is it possible to run the command as a "shell" user or a child of "shell" from the Android application. I want to be able to do this without rooting the device so su is out of question.
You can't change the user ID of your app without a rooted device. If you could, the security model wouldn't be very useful. If your app needs access to the file, you will need to grant appropriate permissions.
The other common workaround is to have a service, running as the "shell" user, whose job is to open the file and hand back a file descriptor. The tricky part is that you need a way to launch that service as the "shell" user, which brings us back to needing "su".
FWIW, the situation is the same whether you're coding in Java or C++.

At what point does the system check for the Android Manifest?

Does the Android Manifest check for the available components to be used before an application starts running, or does the system check for the Android Manifest every time a new component is being instantiated? By components I mean activities, services, etc...
What is the process involved?
Also, can an application still go back and forth to check on the android manifest even after it is running to check on xml activity attributes such as the android:name, android:label, or even intent filters, for different purposes such as to see whether a component to be used has already been defined?
Well to say it in a simple way-
Manifest contains permission like- "SD card read/write permission". So, while installing an app if you don't have a SD card than your won't get installed.
Again manifest contains "minimum SDK version"- which checks what OS version you have in your mobile, if your mobile OS version is less than the minimum version defined in manifest than the app won't install in your mobile.
In the manifest you have a list of all the activities and services too. So, without adding these in the manifest- your activities/services wont work.
So, these sort of checking and permissions are in manifest - the information the system must have before it can run any of the app's code.
Hope i have been able to keep it short and simple :-D
The manifest is a part of the app - it gets packaged with the app in its installation APK.
The manifest tells the system what APIs the application will use. When the app is installed, the system tells the user what sets of potentially sensitive APIs the application will use (as listed int he manifest) and if the user allows the app to be installed the system then assumes that the use of those APIs is permitted.
The OS will not permit the app to use other sensitive APIs that the app did not declare in the manifest.
Android Manifest file contains important information like the Java package name of the application, permissions, descriptions about activities,services... The system must have these information before running the app code.By this reason, the system doesn´t check the Android Manifest in runtime.
More here:
Android Manifest - Android Developer

What is android.permission.SET_PROCESS_LIMIT used for in an android application?

I have been trying to figure this out on the web with no information whatsoever as to what this actually does. The Google Manifest information says:
Allows an application to set the maximum number of (not needed) application processes that can be running.
I am thinking this is not a third party app permission but I need to be sure, its for our embedded device.
My guess is that this limits the number of processes that one application can have open when calling android:process=".RemoteActivity" in the manifest.
Anyone? Thank you.
It's a development/debug intended permisson. And just do what it says. Remember that when you run an app, android creates a process for all it's activities. This is, if you start opening the different activities of your application, you use the same process. However, Android let's you choose if an activity uses the main process or another new one. That's why this permission exists.
Sources:
http://developer.android.com/guide/topics/fundamentals/processes-and-threads.html
http://developer.android.com/reference/android/Manifest.permission.html#SET_PROCESS_LIMIT

intervening Android Install-time Permission granting mechanism

I'm new in Android. I have an Idea to enrich user's knowledge whilst installing a desired application.
the idea is developing an application that can analyze .apk file of the application to check if it's over-privileged or not. and inform the user if this application which he's trying to install is over-privileged or not.
but since there's already a mechanism from Android which asks user's consent to grant whatever permission the application requests, I'm not sure if my application can somehow intervene this mechanism, postpone it, pause it or it can not.
I'm not sure if my application can somehow intervene this mechanism, postpone it, pause it
None of these are possible, sorry. You are welcome to create your own custom firmware that has this feature, but you cannot create this capability via an SDK application, for obvious security reasons.
I am not far from where you are ~ the entire mechanization you seek is based on an xml file in the "root" of the installation - it is called AndroidManifest.xml = all permission based issues should begin original first efforts on that file:
The AndroidManifest.xml File
Every application must have an AndroidManifest.xml file (with precisely that name) in its root directory. The manifest presents essential information about the application to the Android system, information the system must have before it can run any of the application's code. Among other things, the manifest does the following: .....
the "app-store" web based distribution system is supposed to pick that up and not only make some decisions on what to present to the user but as well differentiate to some extent what to do in the matter but as I just got a Droid-X emulator available in my installation I can tell you for a fact that "versioning" is subject to oversimplification as we cannot rely on users being tech-geeks

Categories

Resources