top button
Flag Notify
    Connect to us
      Site Registration

Site Registration

Android: Multi-user access to system properties

+2 votes
305 views

I'm facing an issue with permissions to write system properties in a multi-user scenario, specifically the fact that they are only available to the primary user ("owner").

In the check_perms method @ property_service.c the prefix of the property is mapped to a UID which is compared to that of the caller, but the userid bits are not masked out. This means that an app running as e.g. AID_SYSTEM will not be able to access system permissions granted for this UID when it's running as a secondary user.

I'm curious as to what is the reason for this limitation? Is this deliberate? Is there a security concern here that I am missing? If an app is allowed to run as system, doesn’t it make sense to grant it the same rights regardless of the current user of the device?

What makes me even more curious is that there is a previous patch that solves this issue for the AID_BLUETOOTH user specifically:

static int check_perms(const char *name, unsigned int uid, unsigned int gid, char *sctx){ [...]
 app_id = multiuser_get_app_id(uid); if (app_id == AID_BLUETOOTH) { uid = app_id; }

Is there a reason for not *always* using the app id rather than the full uid including user id bits when checking system property permissions?

I'm considering uploading a patch that either adds (app_id == AID_BLUETOOTH || app_id == AID_SYSTEM), or simply removes the check altogether (meaning always using the app id). Would that have any chance of being accepted?

posted Oct 28, 2013 by Sheetal Chauhan

Share this question
Facebook Share Button Twitter Share Button LinkedIn Share Button

1 Answer

+1 vote

There is no such thing as AID_SYSTEM running as a secondary user. AID_SYSTEM (as well as AID_BLUETOOTH and other such hard-coded uids) are not per-user uids, they are fixed uids for specific processes than run independently of the current user. For example, AID_SYSTEM is for the system process, which is the thing actually in charge of switching users and such.

The check in the property service is correct, since the point is to only allow these fixed uids to the operations.

answer Oct 29, 2013 by Dewang Chaudhary
Similar Questions
+2 votes

I would like to access, from the framework level, the stored preferences of an application, is it possible to do?

I've thought about creating a Content Provider. Will I be able then to retrieve its content from the framework level? Would the retrieving procedure be the same than the one in the application level?

+2 votes

I want to create an alertbox whenever any app creates an camera object. But I am not able to access to activity in frameworks/base/core/java/android/hardware/Camera.java to create an alertbox.

Could you help me out how can I capture activity related to camera in frameworks/base/core/java/android/hardware/Camera.java.

+1 vote

I want Android OS with no usable features, the only task the OS would have is to turn on and redirect the user to a APP.

Here are the steps
1. The user turns on the phone
2. The OS is loading as the phone turns on. When it's on you enter the homescreen.
3. You see the homescreen with a logo as background in a few seconds as the app loads
4. App has loaded and the OS opens the APP
5. The APP opens and inside the app is all the features.

You can now use the phone to it's intended task, and it's not possible to quit the app.

Any suggestion would be helpful?

0 votes

Due to history reason, I have to check some values from /data each time when system has been upgraded by OTA. I've searched the whole framework but find nothing like a settings value or a property or some thing else which can notify the change.

So is there any way my code could be made aware when system is upgraded?

...