How Is Android Permission Enforced?
If I call socket() function in JNI C methods, the application will still fail with a permission error. And if I put a uses-permission line in AndroidManifest.xml, the problem is fi
Solution 1:
The checks are performed by the Linux kernel, using group membership to determine access rights.
If you look in the zygote fork code in the VM you can see it using setgroups() to set the supplementary groups IDs. If you chase it around a bit in the app framework code you can see where it determines the permissions and passes them down to forkAndSpecialize().
Solution 2:
Native code runs in the same sandbox that SDK apps use and are therefore subject to the same security model as SDK apps.
If you write native code, your applications are still packaged into an .apk file and they still run inside of a virtual machine on the device. The fundamental Android application model does not change.
Post a Comment for "How Is Android Permission Enforced?"