I heard of file called vold.fstab in /etc..can modifying that be of any help??i want to be able to remount as a common user.
Or is it possible to give specific permission to just run remount command as user??like is there a setting where certain command access can be set to particular users other than just root user??
No. It is not possible unless you install a custom android build which, for all practical purposes, lacks a security model - or use a local privilege escalation attack to obtain a temporary root shell to issue commands from.
Even if you were to let non-root users remount the filesystem, they wouldn't be able to actually change much of anything on it as they would lack the necessary file/directory permissions, so literally fulfilling your question would be pointless.
Likely what you want to do is install an at least somewhat secured tool for obtaining a root shell when needed - ie, "root" your phone. That would let you both remount the filesystem, and make changes to it, but would hopefully prevent/discourage other random code on your device from doing so.
Related
We all know that Android install apps in /data/app and app's data in /data/data.
I wonder if is possible to "ask" to the system to install the app in /sdcard instead, or on a custom path there.
I know that this isn't good for security reasons, but having the dex/libs accessible without root would be usefull for creating a (sort-of) sandbox.
I'm talking about normal "apk" apps (not just dex files that can be booted with dalvikvm command).
adb install -s will tell the system you want to install the application to the sdcard.
However, I'm not sure this is actually what you want. It creates an encrypted container on the sdcard, so it's not actually accessible in the way that you want.
So essentially, no, it's not possible. For exactly the reason you already mentioned (security).
I know this is handled much better in AOSP7 and even offers the user the toggle for turning debugging off at a network and more general level. But 4.3 does not seem to allow that.
I want to be able to password protect an adb root command made over a network. Does anyone have any inkling on how this could be achieved?
Thanks ^^
In android you'll have root access using the "su" which actually is an program that start another programs with a different user ID (user id 0 which is the root user id). You can intercept su requests by replacing su program in /sbin/su with any custom su version.
This post defienetly would help you :
https://android.stackexchange.com/questions/2974/what-is-the-default-android-root-password
Btw the su binary executable path in your android device may differ depend on the tool you used for rooting your device.
It may be in one the following paths:
1- /sbin/su
2-/system/xbin/su
3-/system/bin/su
To find where is your su file type this in adb shell:
Which su
You can change the su source code (c++ i think) in a way that every access needs a password. Actually you can do anything using c++. You can even write your own su binary but for doing this you need to know what su really does you can even write su with bash scripting rather than c++.
A link for a sample working su source code:
https://github.com/ChainsDD/su-binary
I'm making an app that read messages from Whatsapp, Viber, mails, etc. and groups it so you can read all that one person said to you in just one App.
To do this I'm trying to read the *.db files each App has on /data/data directory but have encountered two problems.
Since I'm new to programing for rooted phones I don't know how this works and have not found a good tutorial or any documentation. Do you have any that I could read to understand?
Once I know how to access /data/data with root, how can I read the *.db without making a copy. Many other topics say that I should copy the *.db file to a folder and read it there, but wouldn't it be a lot more simple to just read it from where it is?
Apps, regardless of whether the phone is rooted or not, can only ever read files that they themselves own, or that are public (e.g., on a SD card). This is because while the phone may be rooted, the apps themselves do not gain root access.
Instead, on your phone, you have an executable named su lets apps run root commands. However, by default, it refuses to let any app run any root commands. When you root your phone, you replace this executable by a new, modified version that lets approved apps run root commands. It is by using these root commands that you can gain indirect root access to the system.
Now, since you only have indirect root access for your app, you cannot just read any file from the file system. But if you run a root command to copy it to your own, private directory, where you do have permission to read it, your app can directly read it from there.
(Note: you can technically read files without copying them first, by using the su executable, but unless there's a real reason why you can't copy first, and you actually know what you're doing, you probably shouldn't even bother because it's rarely worth the trouble anyways, especially not for sqlite databases.)
For details about how to run root commands with su, see this link (which Gumbo posted in the comments above).
I want to set permission on a file of sdcard that no one can delete the same, for this I want to run chmod 400 command on that file, but I don't know how to do that programmatically in android. Please suggest me any solution for the same.
Thanks in advance.
Use caution with this approach. The SD card generally uses a FAT filesystem without per-user permissions. Even if you were able to do a chmod 400 (which you may be able to do with the Runtime.exec(), or File.setReadOnly() method or similar), it may not be a good idea to do it directly on the SD card filesystem, because nothing prevents someone from simply marking it read/write again.
You should use the official data storage APIs, which should be sufficient for your needs. (and more secure assuming a non-rooted device)
When I copy a file from assets to the device, it copies just fine. The only problem is ownership. The file is ending up with the owner being 'app_59', and I need it to be 'system'. When I adb push a file, it goes as 'system'. I tried chown, I tried chmod 0777 the file, I just cannot seem to do it! Can anyone help :(
An application can't write something as the system user. That would be a serious violation of security. Also production devices do not provide root access from the shell, so it is not possible to push something to the device as anything besides the shell user; I assume you are doing your push on to the emulator, which is a very different environment in this regard (shell can run as root), so not applicable to a real device.