简体繁体 English

在Android中安装期间确定应用的UID如何？

[英]How UID of an app determined during install in Android?

原文 2014-01-07 18:52:05 5 2 android/ android-source/ package-managers/ android-permissions/ uid

The following link gives a brief description about package installation process in android. 以下链接简要介绍了android中的软件包安装过程。

http://java.dzone.com/articles/depth-android-package-manager http://java.dzone.com/articles/depth-android-package-manager

I'm curious to know how the UID of an app is determined during its installation based on set the permissions present in its manifest file. 我很想知道如何在安装过程中确定应用程序的UID，具体取决于设置其清单文件中的权限。

Also there is the platform.xml (in /frameworks/base/data/etc directory for 4.0 ICS Source code)file which contains list of permissions with gid associated with them. 还有platform.xml（在/ frameworks / base / data / etc目录中为4.0 ICS源代码）文件，其中包含与gid相关联的权限列表。 The description says 描述说

The following tags are associating low-level group IDs with permission names. 以下标记将低级别组ID与权限名称相关联。 By specifying such a mapping, you are saying that any application process granted the given permission will also be running with the given group ID attached to its process, so it can perform any filesystem (read, write, execute) operations allowed for that group. 通过指定这样的映射，您说任何授予给定权限的应用程序进程也将运行并附加到其进程的给定组ID，因此它可以执行该组允许的任何文件系统（读取，写入，执行）操作。

In a similar way there is a list of high level permissions assigned to specific uid's as well. 以类似的方式，还有一个分配给特定uid的高级权限列表。

My question is when an app is installed with permissions X,Y, Z how does its access specified is it from the mapping from this platform.xml 我的问题是，当安装了具有权限X，Y，Z的应用程序时，如何从此platform.xml的映射中指定其访问权限

Also everytime the app is run does the mapping take place at every instant (that doesn't seem right from the initial design of android where the app permissions cannot be changed unless there is an update). 此外，每次运行应用程序时，映射都会在每个时刻发生（从Android的初始设计看起来似乎不对，除非有更新，否则无法更改应用程序权限）。 So if that is the case where does it store saying this app should run with such and such access or such and such uid. 因此，如果是这样的情况，它会存储说这个应用程序应该运行这样的访问或类似的这样的uid。

I hope I made my question clear, let me know if you need more information. 我希望我的问题清楚，如果您需要更多信息，请告诉我。 I'm just trying to learn more on how the internals of the Android OS work. 我只是想了解更多有关Android操作系统内部工作原理的信息。

Thanks 谢谢

2 个解决方案

The UID of an application does not depend on the set of the requested permissions. 应用程序的UID不依赖于所请求权限的集合。 In general case, during the installation PackageManager assigns a unique UID to an application from a set [FIRST_APPLICATION_UID; LAST_APPLICATION_UID] 一般情况下，在安装过程中，PackageManager会从一个集合中为应用程序分配一个唯一的UID [FIRST_APPLICATION_UID; LAST_APPLICATION_UID] [FIRST_APPLICATION_UID; LAST_APPLICATION_UID] (actually, this process has slightly changed with the introduction of multi-user support): [FIRST_APPLICATION_UID; LAST_APPLICATION_UID] （实际上，随着多用户支持的引入，这个过程略有变化）：

The Android system assigns a unique user ID (UID) to each Android application and runs it as that user in a separate process. Android系统为每个Android应用程序分配一个唯一的用户ID（UID），并在单独的进程中以该用户身份运行它。

What you are talking about is a limited set of GIDs (group ids) that is assigned to an application based on the permissions. 您所谈论的是基于权限分配给应用程序的一组有限的GID（组ID）。 For instance, to limit access of applications to the network interface a special patch has been added to Linux kernel, which allows a process to create net sockets only if this process has a special hardcoded GID. 例如，为了限制应用程序对网络接口的访问，Linux内核中添加了一个特殊的补丁，只有当此进程具有特殊的硬编码GID时，才允许进程创建网络套接字。 Thus, during the installation of an application if a user accepts the permission "android.permission.INTERNET", PackageManager assigns a special GID to this application (based on the values in platform.xml file). 因此，在安装应用程序期间，如果用户接受权限“android.permission.INTERNET”，则PackageManager会为此应用程序分配一个特殊的GID（基于platform.xml文件中的值）。 During the launch of this application, a process of this app is setgid'ed with the value. 在此应用程序启动期间，此应用程序的进程已设置为值。 Thus, the process of application obtains a right to create sockets. 因此，应用程序获得了创建套接字的权利。