I installed my app on the emulator with 2.2 and onto the sdcard. When I browse via adb shell, I can see that the encrypted app file lies under /mnt/secure/asec/com.myapp-1.asec but it also lies as plain apk file unencrypted at /mnt/asec/com.myapp-1/pkg.apk as well and I can do a 'adb pull' without special permissions and unzip it to see it's content.
Unfortuntately my N1 is in repair and I cannot check on a real device right now - but wondering, why can I still access the plain apk so easily (at least on the emulator)?
(Not sure if this question is supposed to be asked on StackOverflow or on ForceClose.com, but I figured it's more related to development and how to secure/encrypt your app as a developer, therefore I'm posting it here.)
Got the answer from the Android dev mailing list:
http://groups.google.com/group/android-developers/browse_frm/thread/f7d11237744fe5fa/0e92cb2905632408#0e92cb2905632408
Apps on SD card are stored in an
encrypted container for platform
security purposes -- so that other
applications can not modify or corrupt
them. When mounting the SD card,
these containers are mounted so that
they can be accessed in the same way
as apps stored in internal storage.
Thanks to Dianne Hackborn/hackbod
Related
I fully read the documentation of Cordova plugin filesystem. Furthermoe I've been googling without though conclusive explanations.
Particularly, how do the paths stored in the variables in cordova.file.* map the real folders in Android filesystem that you can see on any File Explorer? For example, I cannot save a file into the Downloads folder. I tried file:///android_asset/Download without success.
What exactly is the protocol file:/// and the path file:///android_asset/? What is the "application's sandbox"?
For example, I save a file into cordova.file.cacheDirectory because I need to deal with a temporary file, but I tried to find such file within a file explorer, and I can't find such file. Is it hidden somehow? I can't find it neither in /data/data/<app-id>/cache nor in "file:///data/user/0/com.form.parking.violation/cache/" (real value of that string).
I know, it's too many questions, but I will plan to make this a canonical question, since clear and pedagogical information is very scarce.
Using a 'File Manager' app on device won't give you access to items listed as 'Private' in the documentation you've listed. 'Private' means no other app should be able to see the contents which is sort-of described by "application sandbox". Normally a sandbox is for describing an environment which something can't get out of. If you aren't familiar with multi-user environments it can also mean that others without the right level of permission can't see in.
And unless the device you are testing on is rooted, you won't be able to see those 'private' files like the SQLite database and other files you are interested in unless you use adb from the Android SDK with the adb shell command run-as as described here:
Android ADB access to application databases without root
Note that to grab the files you need to have your Cordova app debuggable by Android Studio (debug mode).
For what is file:///android_asset/ I'll refer to this SO question:
What does file:///android_asset/www/index.html mean?
I am working on a project that needs to store some .txt to android, and get it from the computer for other use. From what I read from the documentation, I know that there are two types of storage: 1 Internal, which is somewhere deep in the phone that is private to the app. 2 External, which includes the SD card and the Internal Storage of the phone. I want to store it to External->Internal, and I am using this line of code to do that:
public String WalkDir = android.os.Environment.getExternalStorageDirectory().getAbsolutePath() + "/Walks/";
When I logged WalkDir, LogCat says "/storage/emulated/0", I stopped the app, checked with the adb shell, and there is no folder "0" but "legacy". I unplugged the phone and plugged it back in, the "Walks" folder is now in the root directory, and I don't need adb shell to access it.
So my question is, can you help explain how this system works? Why did "0" disappear? What is "legacy"? Why is the file in Internal Storage when I unplug&plug it?
Thank you very much!
Those are what in Linux are called symlinks (like shortcuts in Windows) that various system apps in Android are using..
/storage, /sdcard are sym linked folders,that means when you open one of those, it redirects to the original(/data/media/0), as for the 0 is just a multi user feature implemented in android 4.2, but only enabled on tablet androids.
Why do this Sym-Link?: simple so it dosent break apps(not only file explorer type of app, but all apps).
Still dont get, why it would break?.Simple. android api have lots of ways to write/read files from folders, u can do manually,u can get the data path, u can get the sdcard path, etc,etc. so to not break that they just does these sym links, thats why in one app the storage contentents are listed on /sdcard but on others, is /storage, etc,etc. one example of an app that broke because of these changes to android is titanium backup, u need to change the internal storage on it, so it work.
2 mount points pointing to the same storage device and partition.
If you create something in one folder, it will show up in the other. Same applies for deleting stuff.
They do not take away more storage space, as it is only available once but shown twice.
You also don't need to worry about it in any way because file browsers normally set their default directory to one of these locations.
As far as i know, Google changed the mount points in Android 4.2 to /storage/emulated/0/ due to them switching to MTP and EXT4(?) for the sdcard. The other mount points are still there for compatibility.
I use SQLite as my offline database. After the APK installation, I couldn't find the folders that I made. I want to put the database in device Storage : /storage/emulated/0 (Samsung device where I tested my program).
I already put this in my manifest :
<manifest android:installLocation="preferExternal" />
To install APK, i copied it directly from bin to my phone external storage. Did I miss something?
**notes: I need for users to be able to access files (.TXT and .XML) from device storage, so the folders and files inside shouldn't be hidden.
I'd appreciate your kind reply.. Thanks
installLocation="preferExternal" refers to the app installation, not to an eventual database (which I don't see mentioned anywhere in your question, other than in its title).
i copied it directly from bin to my phone external storage. Did I miss something? YES: this is not enough.
You have to install the apk, after copying it - you'll need a file manager to launch it.
OR (better) activate your Debug Options and run the app from the IDE directly onto your phone (you'll need to install the ADB Bridge, aka USB driver, aka ADB Composite Interface).
so the folders and files inside shouldn't be hidden. Every file in the apk is private to your app.
Other than this, your SD Card and then use them from there.
Use Environment.getExternalStorageDirectory() to get the path to your SD Card.
If you need some clarification on databases, please post a specific question about that matter.
So I want to prevent people from copying files out of my app while it is running.
1) Is there an easier way to detect if files are being copied off my device than through checking if the adb daemon is running?
2) Is there an easy way to enumerate all processes running on the Android OS from an app?
I know Android is not a very secure system, but I would at least like to make it difficult for people to copy files off of my app.
EDIT
To clarify my problem, all the files I have stored on the disk are encrypted. My concern is that I need to unencrpyt these files when accessing them in my app. I am trying to prevent someone from stealing these files while the app is running. I already delete the unencrypted files if someone exits out of the app.
Also, I was focused on adb because I was considering trying to delete unencrypted files if connected by usb. However, I know you can still run adb over wifi on a rooted phone. Now that I think about it, you can probably transfer files over by wifi on a rooted phone as well.
Also, obviously not having the files on the device is not an option.
You seem focused on adb, for unknown reasons.
With respect to internal storage, users cannot copy files off of internal storage of a device using adb, unless the device is rooted. And if the device is rooted, they do not need adb to copy files.
With respect to external storage, that is specifically designed to allow any app, or the user, to copy files from it, again without adb.
Hence, trying to detect adb is pointless.
I know Android is not a very secure system, but I would at least like to make it difficult for people to copy files off of my app.
Then don't put the files on the device in the first place.
I'm not sure if you mean that a user would use your application and put his phone on USB mode and proceed to transfer file off your application folder while your application is still running ?
If some files are needed in order for your application to function at runtime, can't your just make them private to your application ? Like illustrated in this article. Or simply don't put files on the device :)
I'm not sure what "copying files out of my app" means (is your app designed to show/provide files, or are you referring to the resources and other files used by your app).
In any case, you're wasting your time. Android is a very open platform and (particularly on rooted devices) people will always find a way to copy data if they want to.
I have an android application that gets invoked through ADB on a desktop machine. I have a properties file on the desktop machine which the android application somehow needs to be aware of, but they need to be external to the APK.
On the desktop (which will invoke the activities within the APK via ADB) I cannot easily repackage the APK with the .properties file and then re-install the APK on the phone (I tried this via aapt, but it is not preferable because it removes the signature on the APK and I cannot easily resign the apk on the particular desktop machine).
I would rather not pass them via intent extras, as there are a lot of them, and I cannot use adb shell setprop because it doesn't work while the phone is running. I also cannot put them on external storage because I am not guaranteed the phone will have an SD card. Can I put them in "internal storage" somewhere (if that exists) ?
I basically need to be able to pass numerous properties onto the device when I install the APK, but I cannot put them in the APK itself, and not all the devices will have SD cards.
Any ideas ?
Take a look at the method used here: android: transfer sqlite database from pc to device via usb programatically