I'm writing a testing suite for my other apps that triggers system intents, specifically ACTION_DOCK_EVENT.
I know I need to add android:sharedUserId="android.uid.system" to my android manifest in the manifest tag and I need to install my app in /system/app instead of the normal /data/data.
I have root access so that's not a problem.
The problem I'm running into is, it appears I also need to sign my app with a system key. Where do I get a system key store, users names, and passwords? I assume I could build my own version of Android and sign it with my own keys, but since I have root access there should be an easier way right?
I have a N1 with CM7 and the emulator I'd be fine with keys for either.
Thanks.
Your best bet would be to build the OS yourself and sign it with your own keys. Root access wont help you share user id with the system.
Unless you are working with the device manufacturer, you wont be able to (legitimately) get the signing keys for the firmware.
Turns out the send broadcast intents via adb with commands like:
am broadcast -a android.intent.action.DOCK_EVENT --ei android.intent.extra.DOCK_STATE 2
To test ACTION_DOCK_EVENT.
I couldn't figure out a way to do it from another app, but adb worked for my needs.
Related
I want to install my apk (my own application) to an android device, but this apk should be installed only if user is allowed to install (i.e. login needed)
I know that adb can be used to install an apk but I couldn't find any information about if I can protect adb port by a password. And, I don't know whether are there other methods or not.
You can't prevent the installation of an APK on a device. However, you can make the app working only on the devices you want, by adding a login form or a check on the unique ID of the device.
Keep in mind that a third person can bypass this protection by patching the app.
I developed one parent and child communication Android application in which I wanted to restrict the child from uninstalling application. I have one solution that uses DevicePolicyManager. But still the application can be uninstalled without asking for password. If I remove the Device Administrator permission from the settings, then application is uninstalled from device?
Can anyone provide the valid solution for this cause?
You cannot prevent a user from uninstalling an app, from within the app code itself.
There is suggestions here How to prevent an application from being uninstalled?, but they are not foolproof.
The way around this is to use an android device with lollipop and upwards, so you can create a user account.
On the admin account, install an app that requires a password to uninstall apps. They are on the market (and free) I've used them. Or write one yourself.
Then on the child's account allow them whatever privileges you want them to have. They will be unable to touch the apps and uninstall them, unless on the admin account and with the password required for that app to uninstall other apps.
I have tried and tested this and it works.
I've been trying to implement an application which sends and receives fake sms on my device (Samsung Galaxy S2, Android 4.1.2). I found an example of such application here:
http://blog.dev001.net/post/14085892020/android-generate-incoming-sms-from-within-your
I copy-pasted it and ran on my device. Nothing happened and I found in logs that BROADCAST_SMS permission was system. I made the app system using Titanium Backup, restart my device and ran the app again. And nothing happened again. I got the same exception that my app had no rights to use BROADCAST_SMS permission. Then I read that I should specify android:sharedUserId="android.uid.system" in manifest. When I added it I failed to run my app using Intellij Idea 14:
Failure [INSTALL_FAILED_SHARED_USER_INCOMPATIBLE]
I tried to install generated by Idea app but got exception: Package has no signatures that match those in shared user android.uid.system; ignoring!
So I have several questions:
1. How is it possible to install unsigned app with android:sharedUserId="android.uid.system" in manifest?
2. Will my app be able to use BROADCAST_SMS permission if I make it system using Titanium Backup or other trick?
3. Is there any other way to force the app work on my device?
I have seen applications which imitate sms incoming. But they all write to inbox directly. I need an application which makes other applications believe that new sms is coming.
Thanks in advance
To use shareduserid your app must have the same signature as all other apps using this uid. Installing the app on /system partition or even giving it priv-app status is not sufficient.
And btw the permission is of level "signature" anyway (not signatureOrSystem) so the only way you can be granted the permission is if your app uses the same signature as the android framework. In other words, you have to make a custom platform build and flash your phone with it.
If you install/build Android from AOSP, a test key is used to sign all the apps. You can use this key to sign your app and install it as a system app. This works great for testing; obviously not going to be an option for something you want to distribute.
I have developed an android application and I want to distribute the application on tablet. This means my client will not require to download the apk as it comes with tablet.
This software is for training purpose i.e. video and other documents.
I don't want the apk to be extracted, in another words, I would like to bound the apk to run a specific device.
In summary, my aim is to deliver the apk with tablet device (and I want to avoid extraction of the apk).
Is this achievable?
If the user gains root access on the tablet, you cannot do anything to avoid this.
However without root access, if the apk comes shipped with the tablet, there is no way that someone can send it to other tablet/phones.
If you want to add further security, you can do a simple offline authentication, when the app starts.
eg
1) on first install, prompt user(who will be you, since you have to install the app before giving the tablet to an employee - right? if I understood correctly your problem) to give a user and a pass.
2) Then save credentials in phone(using preferences), and later on(step 3) match them with some hardcoded ones in your apps code.
3) Each time app starts, do a quick check of preferences credentials, and if it doesn't match, close the application.
While this isn't very good way of securing your app, you may come up with a more reliable solution. If tablets have internet access all the time, you can add a proper username/password authentication, but you have to create some sort of accounts to all of your users.
Did you know something about Signed-apk?? First of all create your account on play-store and get the keystore for your project. then create a signed-apk using keystore and password given.
I'm searching for a way to program my application to install silently an APK file.
I'm aware about the possibility to launch with code that looks something like this:
Intent intent = new Intent(Intent.ACTION_VIEW);
intent.setDataAndType(Uri.fromFile(apkFile), "application/vnd.android.package-archive");
startActivity(intent);
But before the installation starts, this code raises a dialog with the APK's required permissions, and needs user authorization to start the installation.
Is there any way to skip this dialog?
Is there any other way to install an application during runtime from my code, that doesn't require user interaction?
No. And that's a good thing - this would be an (other) open door to malware and unwanted installs. Why do you want to do that, if you mind me asking? What's wrong with letting users know that you want to install something on their device?
Also, some details here: Silent installation on Android devices
And finally, this might be possible for rooted devices: if you write your own installer, you can bypass completely the built-in installer, and with root privilege, you can basically do what you want. But I still think that would be a serious breach of security.
Yes you can, but you need root access or your app must be a system signed app.
You can install apps silently by using shell commmand pm install "apk path".
This will definitely work - I have already created a sample app that does this.