如何Android的超级用户的应用程序检测到一个应用程序请求根? [英] How does Android SuperUser app detect that an app requests root?
问题描述
我正在写一个应用程序,将使用苏来执行某些命令在Linux内核中。我想知道超级用户如何计算出该应用程序要求root权限?此外,是否有任何已知的方式(通过混淆),其中该检查可以被绕过?
I'm writing an app that will use su to execute some commands in the linux kernel. I was wondering how SuperUser figures out that the application is asking for root privileges ? Also, are there any known ways (through obfuscation) in which this check can be bypassed ?
在换句话说: 如何安卓/(超级用户)知道一个应用程序需要root权限尽管没有权限的Android清单文件中明确要求。
In other words: How does Android/(SuperUser) know that an app requires root privileges despite the fact that there are no permissions explicitly requested in the android manifest file.
我要问从安全的角度来看这个问题。我想知道这是如何工作,以确保一个恶意的应用程序无法绕过超级用户的详细信息。
I'm asking this question from a security standpoint. I want to know the details of how this works in order to be sure that a malicious app cannot bypass SuperUser.
推荐答案
有两个部分超级用户系统 - 超级用户二进制(苏在终端上)和 SuperUser.apk (Android应用程序来管理使用su的应用程序)。纵观苏二进制源$ C $ C,当你请求苏访问通过
There are two parts to the superuser system - the superuser binary (su on the terminal) and the SuperUser.apk (Android app to manage apps using su). Looking at the source code of the su binary, when you request su access through
Process p = Runtime.getRuntime().exec("su");
其发布通过Android消息管理器应用程序已请求超级用户访问的意图。
it publishes an intent through the android messaging manager that an application has requested for superuser access.
sprintf(command, "/system/bin/am broadcast -a '%s' --es socket '%s' --ei caller_uid '%d' --ei allow '%d' --ei version_code '%d' > /dev/null",action, socket_path, ctx->from.uid, allow, VERSION_CODE);
经理的应用程序监听这个意图,并要求用户处理请求(允许/拒绝)。
The manager app listens for this intent and asks the user to handle the request (allow/deny).
这篇关于如何Android的超级用户的应用程序检测到一个应用程序请求根?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
