如何在android中检查root访问权限? [英] How to check root access in android?

问题描述

我创建了一个检查安卓手机是否root的方法.这样做如下

public int checkrootcommand(String string) {//TODO 自动生成的方法存根进程执行；尝试 {exec = Runtime.getRuntime().exec(new String[]{"su","-c"});final OutputStreamWriter out = new OutputStreamWriter(exec.getOutputStream());out.write("退出");out.flush();Log.i(SUPER_USER_COMMAND, "su 命令执行成功");返回0；//当命令执行成功时返回零} 捕捉(IOException e){//TODO 自动生成的 catch 块e.printStackTrace();}返回 1；//当命令执行失败时返回一}

但问题是 checkrootcommand() 方法首先执行它工作正常，但是当再次调用相同的方法时，超级用户会话仍在运行.方法执行后有什么方法可以结束超级用户会话吗??

解决方案

没有可靠的方法来检测通过利用软件漏洞克服硬件保护的设备上的 root 条件.p>

您最多可以检测特定工具集的存在或扫描不应该存在的东西或文件中的更改 - 但这需要了解给定安装的外观，并假设操作系统您用来进行检查的功能未被修改以隐藏更改.

要可靠地扫描，您需要确保受信任代码的运行级别低于不受信任的代码；有根设备是这种保证从根本上被打破的设备，或者最终用户比开发人员更受信任的设备.

I created a method for checking whether the android phone is rooted or not. This is done as follows

public int checkrootcommand(String string) {
    // TODO Auto-generated method stub
    Process exec;
    try {

        exec = Runtime.getRuntime().exec(new String[]{"su","-c"});

        final OutputStreamWriter out = new OutputStreamWriter(exec.getOutputStream());
        out.write("exit");
        out.flush();

        Log.i(SUPER_USER_COMMAND, "su command executed successfully");
        return 0; // returns zero when the command is executed successfully
    } catch (IOException e) {
        // TODO Auto-generated catch block
        e.printStackTrace();
    }  
    return 1; //returns one when the command execution fails
}

But the problem is that the method checkrootcommand() is executed first it works perfectly, but when the same method called again the superuser session is still running. Is there any way to end the superuser session once the method is executed??

解决方案

There is no reliable means of detecting a rooted condition on a device where hardware protections have been overcome by exploiting software vulnerabilities.

At best you can detect the presence of particular toolsets or scan for things that aren't supposed to be there or changes in files that are - but that requires knowledge of what a given installation should look like, and assumes that the OS functionality you are using to make the checks hasn't been modified to hide the changes.

To reliably scan, you need to be sure trusted code runs at a lower level than untrusted code; a rooted device is one where this assurance has been fundamentally broken, or where the end user is trusted more than you the developer are.

这篇关于如何在android中检查root访问权限?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！