系统应用程序与Android上的特权应用程序有什么区别? [英] What is the difference between system apps and privileged apps on Android?
问题描述
因此在4.3中有一个系统应用程序的概念.放置在/system/app中的APK具有系统特权.从4.4开始,存在特权应用"的新概念.特权应用程序存储在/system/priv-app目录中,并且似乎有不同的对待.如果您在PackageManagerService下查看AOSP源代码,则会看到新的方法,例如
static boolean locationIsPrivileged(File path) {
try {
final String privilegedAppDir = new File(Environment.getRootDirectory(), "priv-app")
.getCanonicalPath();
return path.getCanonicalPath().startsWith(privilegedAppDir);
} catch (IOException e) {
Slog.e(TAG, "Unable to access code path " + path);
}
return false;
}
这是这些情况不同的示例.
public final void addActivity(PackageParser.Activity a, String type) {
...
if (!systemApp && intent.getPriority() > 0 && "activity".equals(type)) {
intent.setPriority(0);
Log.w(TAG, "Package " + a.info.applicationInfo.packageName + " has activity "
+ a.className + " with priority > 0, forcing to 0");
}
...
这会影响未定义为系统应用程序的任何活动的优先级.这似乎意味着您不能将优先级高于0的活动添加到程序包管理器中,除非您是系统应用程序.据我所知,这不会不排除特权应用程序(这里有很多逻辑,我可能是错的.)
我的问题是,这到底意味着什么?如果我的应用程序有特权,但没有系统特权,那会有什么不同?在PackageManagerService中,您可以找到系统应用程序和特权应用程序之间不同的各种事物,它们并不完全相同.特权应用程序背后应该有某种意识形态,否则它们会说:
if locationIsPrivileged: app.flags |= FLAG_SYSTEM
并已完成.这是一个新概念,我认为对于从4.4开始进行AOSP开发的任何人来说,了解这些应用程序之间的区别将很重要.
ApplicationInfo.FLAG_SYSTEM标志继续表示它的意思 在文档中:它指示应用程序apk为 捆绑在/system分区上.一个新的隐藏标志FLAG_PRIVILEGED 引入的内容反映了访问这些内容的实际权利 权限.
更新:自Android 8.0起,priv-app随Privileged Permission Whitelisting的添加而略有变化.除了仅处于priv-app之外,还必须将您的应用添加到白名单中,以获得各种系统权限.有关此信息,请参见: https://source.android.com/devices/tech/config/perms-whitelist
So in 4.3 there was a concept of System applications. APKs that were placed in /system/app were given system privileges. As of 4.4, there is a new concept of "privileged app". Privileged apps are stored in /system/priv-app directory and seem to be treated differently. If you look in the AOSP Source code, under PackageManagerService, you will see new methods such as
static boolean locationIsPrivileged(File path) {
try {
final String privilegedAppDir = new File(Environment.getRootDirectory(), "priv-app")
.getCanonicalPath();
return path.getCanonicalPath().startsWith(privilegedAppDir);
} catch (IOException e) {
Slog.e(TAG, "Unable to access code path " + path);
}
return false;
}
So here is an example of a situation where these differ.
public final void addActivity(PackageParser.Activity a, String type) {
...
if (!systemApp && intent.getPriority() > 0 && "activity".equals(type)) {
intent.setPriority(0);
Log.w(TAG, "Package " + a.info.applicationInfo.packageName + " has activity "
+ a.className + " with priority > 0, forcing to 0");
}
...
This affects the priority of any activities that are not defined as system applications. This seems to imply you can not add an activity to the package manager whose priority is higher than 0, unless you are a system app. This does not preclude privileged apps as far as I can tell (there is a lot of logic here, I may be wrong.).
My question is what exactly does this imply? If my app is privileged, but not system, what difference will that make? In PackageManagerService you can find various things that differ between system and privileged apps, they are not exactly the same. There should be some kind of ideology behind privileged apps, otherwise they would have just said:
if locationIsPrivileged: app.flags |= FLAG_SYSTEM
and been done with it. This is a new concept, and I think it would be important to know the difference between these kinds of apps for anyone who is doing AOSP development as of 4.4.
So after some digging, it's clear that apps in priv-app are eligible for system permissions, the same way that old apps used to be eligible to claim system permissions by being in system-app. The only official Google documentation I could find on this came in the form of a commit message: Commit hash: ccbf84f44c9e6a5ed3c08673614826bb237afc54
Some system apps are more system than others
"signatureOrSystem" permissions are no longer available to all apps residing en the /system partition. Instead, there is a new /system/priv-app directory, and only apps whose APKs are in that directory are allowed to use signatureOrSystem permissions without sharing the platform cert. This will reduce the surface area for possible exploits of system- bundled applications to try to gain access to permission-guarded operations.
The ApplicationInfo.FLAG_SYSTEM flag continues to mean what it is says in the documentation: it indicates that the application apk was bundled on the /system partition. A new hidden flag FLAG_PRIVILEGED has been introduced that reflects the actual right to access these permissions.
Update: As of Android 8.0 priv-app has changed slightly with the addition of Privileged Permission Whitelisting. Beyond just being in priv-app, your app must also be added to a whitelist in order to gain various system permissions. Information on this can be found here: https://source.android.com/devices/tech/config/perms-whitelist
这篇关于系统应用程序与Android上的特权应用程序有什么区别?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
