Have an app where I store .png images in the app's cache directory, and as I am sharing these files via messaging, etc, I need to make the files readable temporarily by everyone (i.e. chmod 755).
As suggested in another thread, I am running Runtime.getRuntime.exec() to do this:
Runtime.getRuntime().exec("setperm chmod 755 /path/to/filename.png");
This works fine, and as I am filtering / and \, any name works... except a name with a space, unsurpisingly. This fails:
Runtime.getRuntime().exec("setperm chmod 755 /path/to/file name.png");
So, coming from linux, I try wrapping the file path in quotes, which works on linux, but still fails to change the file perms on Android:
Runtime.getRuntime().exec("setperm chmod 755 \"/path/to/file name.png\"");
or
Runtime.getRuntime().exec("setperm chmod 755 '/path/to/file name.png'");
Any ideas?
Thanks,
Paul
Have an app where I store .png images in the app's cache directory, and as I am sharing these files via messaging, etc, I need to make the files readable temporarily by everyone (i.e. chmod 755).
Don't put them in the cache dir. Use openFileOutput() and set MODE_WORLD_READABLE.
As suggested in another thread, I am running Runtime.getRuntime.exec() to do this:
Whoever suggested that to you is a moron. No Android application should be using exec(). There are no command-line binaries that are part of the SDK and that you can rely upon being there.
UPDATE
In a related android-developers thread, Dianne Hackborn (#hackbod) writes:
The recommended way to do this is to write a content provider, which the other app can call ContentResolver.openFileDescriptor() etc. It is actually really easy to write such a content provider -- it doesn't need a database or anything, just to implement ContentProvider.openFile().
Every situation I have seen where MODE_WORLD_* is used it causes more troubles than just writing a content provider. I regret having made that.
The exec() solution works well when in development you want to get access to your app's data but don't want to root your phone. I agree that it shouldn't be used in production code, but it sure saved me a lot of time firing up emulators just to get at my database.
Related
I fully read the documentation of Cordova plugin filesystem. Furthermoe I've been googling without though conclusive explanations.
Particularly, how do the paths stored in the variables in cordova.file.* map the real folders in Android filesystem that you can see on any File Explorer? For example, I cannot save a file into the Downloads folder. I tried file:///android_asset/Download without success.
What exactly is the protocol file:/// and the path file:///android_asset/? What is the "application's sandbox"?
For example, I save a file into cordova.file.cacheDirectory because I need to deal with a temporary file, but I tried to find such file within a file explorer, and I can't find such file. Is it hidden somehow? I can't find it neither in /data/data/<app-id>/cache nor in "file:///data/user/0/com.form.parking.violation/cache/" (real value of that string).
I know, it's too many questions, but I will plan to make this a canonical question, since clear and pedagogical information is very scarce.
Using a 'File Manager' app on device won't give you access to items listed as 'Private' in the documentation you've listed. 'Private' means no other app should be able to see the contents which is sort-of described by "application sandbox". Normally a sandbox is for describing an environment which something can't get out of. If you aren't familiar with multi-user environments it can also mean that others without the right level of permission can't see in.
And unless the device you are testing on is rooted, you won't be able to see those 'private' files like the SQLite database and other files you are interested in unless you use adb from the Android SDK with the adb shell command run-as as described here:
Android ADB access to application databases without root
Note that to grab the files you need to have your Cordova app debuggable by Android Studio (debug mode).
For what is file:///android_asset/ I'll refer to this SO question:
What does file:///android_asset/www/index.html mean?
We all know that Android install apps in /data/app and app's data in /data/data.
I wonder if is possible to "ask" to the system to install the app in /sdcard instead, or on a custom path there.
I know that this isn't good for security reasons, but having the dex/libs accessible without root would be usefull for creating a (sort-of) sandbox.
I'm talking about normal "apk" apps (not just dex files that can be booted with dalvikvm command).
adb install -s will tell the system you want to install the application to the sdcard.
However, I'm not sure this is actually what you want. It creates an encrypted container on the sdcard, so it's not actually accessible in the way that you want.
So essentially, no, it's not possible. For exactly the reason you already mentioned (security).
I'm making an app that read messages from Whatsapp, Viber, mails, etc. and groups it so you can read all that one person said to you in just one App.
To do this I'm trying to read the *.db files each App has on /data/data directory but have encountered two problems.
Since I'm new to programing for rooted phones I don't know how this works and have not found a good tutorial or any documentation. Do you have any that I could read to understand?
Once I know how to access /data/data with root, how can I read the *.db without making a copy. Many other topics say that I should copy the *.db file to a folder and read it there, but wouldn't it be a lot more simple to just read it from where it is?
Apps, regardless of whether the phone is rooted or not, can only ever read files that they themselves own, or that are public (e.g., on a SD card). This is because while the phone may be rooted, the apps themselves do not gain root access.
Instead, on your phone, you have an executable named su lets apps run root commands. However, by default, it refuses to let any app run any root commands. When you root your phone, you replace this executable by a new, modified version that lets approved apps run root commands. It is by using these root commands that you can gain indirect root access to the system.
Now, since you only have indirect root access for your app, you cannot just read any file from the file system. But if you run a root command to copy it to your own, private directory, where you do have permission to read it, your app can directly read it from there.
(Note: you can technically read files without copying them first, by using the su executable, but unless there's a real reason why you can't copy first, and you actually know what you're doing, you probably shouldn't even bother because it's rarely worth the trouble anyways, especially not for sqlite databases.)
For details about how to run root commands with su, see this link (which Gumbo posted in the comments above).
I’m trying to create an app that is able to access and modify a protected database within /data/data/. This process obviously requires root privileges and I am testing this on a rooted device. The general code to access the SQLite database is complete and works against a test database that is located elsewhere (on /sdcard/).
However when I want the application to access the database within /data/data/, it obviously fails as I am trying to access it as a normal user. I have read on the topic of using the su binary on Android for a bit now, and as far as I understand it usually used to execute shell commands only.
So my initial idea of making this work was to simply change the permissions of the file when the application starts, and change it back when it quits. So before actually bothering with implementing that in the application itself, I used my file explorer to change the permission to rw-rw-rw-. However my application was still not able to open the database.
My next idea was to use the sqlite3 program directly from the shell, but I found out, that my ROM does not come with it, so I would have to distribute it myself (Titanium Backup seems to do that).
However there is something that makes me wonder if there might not be a better way: I am using Root Explorer as my file explorer and it has a built-in way to browse any SQLite database. Given that it does not seem to ship with a custom sqlite3 binary, and that my phone does not have one itself, the access seems to happen using the normal Java tools. But how does the app get root rights then?
Is there a way to make an Android application run as root? Or did I forget setting something for the permissions earlier which prevented me from accessing it? Or does anyone know how Root Explorer does it?
You cannot raise the permissions of an already running process as far as I know. The simplest answer would be to copy it somewhere using the root shell / command line edit it, then copy it back as root again. And yes, I did read your question, just didn't explain the answer fully. Hopefully it's clear now. Not sure if root explorer does that or something else, but it would work.
I want to set permission on a file of sdcard that no one can delete the same, for this I want to run chmod 400 command on that file, but I don't know how to do that programmatically in android. Please suggest me any solution for the same.
Thanks in advance.
Use caution with this approach. The SD card generally uses a FAT filesystem without per-user permissions. Even if you were able to do a chmod 400 (which you may be able to do with the Runtime.exec(), or File.setReadOnly() method or similar), it may not be a good idea to do it directly on the SD card filesystem, because nothing prevents someone from simply marking it read/write again.
You should use the official data storage APIs, which should be sufficient for your needs. (and more secure assuming a non-rooted device)