Android Security Model Android security (app permissions)

The process sandbox provides an isolation mechanism between untrusted applications, and Shareduserid provides a mechanism for sharing resources for applications that have a trust relationship. However, due to the fact that users themselves install applications that are not trustworthy, Android apps do not have any permissions by default and cannot access protected device APIs and resources. Therefore, the permissions mechanism is the basis of the Android security mechanism, deciding whether to allow or restrict application access to restricted API and system resources . The permissions of the application need to be clearly defined , confirmed by the user at the time of installation, and checked, executed, granted, and revoked at run time . File and content providers can also be protected under custom permissions.

Specifically, the application is assigned a user flag (UID) at installation time to distinguish it from other applications and to protect its own data from other applications. Depending on the user and group, Android assigns different permissions, such as access to the network, access to GPS data, and so on, these Android permissions are mapped to Linux user and group permissions at the bottom.

The level of implementation of the Authority mechanism is briefly summarized as follows:

• Application Layer Explicit permission: Permission information for the application package (. apk file) in the Androidmanifest.xml file through <permission>,< Premission-group> and <permission-tree> labels are specified. You need to apply for a permission, use <uses-permission> specify.

• a permission declaration contains a permission name, a permission group that belongs to, and a protection level .

• A permission group is a collection of permissions grouped into functions , which contain multiple specific permissions, such as texting, wireless Internet access, and the ability to make calls to a fee-generating permission group.

• The level of protection of rights is divided into Normal,dangerous,Signature and signatureorsystem four kinds, Different levels limit the way an application authenticates when exercising this privilege. For example, normal as long as the application is available, dangerous permissions are available at installation by user confirmation, signature and Signatureorsystem permissions require the application must be a system user , such as OEM manufacturer or ODM manufacturer.

• The framework layer verifies with the system layer that if a permission is not declared in Androidmanifest.xml, the program runs out of error. Use the command-line debugging tool Logcat to view the system log to discover error messages that require a permission.

• The application that shares the UID can be signed with another user program of the system or the same permission. You can generally set Shareduseridin the androidmanifest file, such as android:shareduserid= "android.uid.shared" for system permissions. However, this program property is usually implanted by the OEM, which means it works for the system software.

after the 2.3 version of the Android Rights Management module, even with root privileges, many of the underlying commands and APIs cannot be executed. For example, Su to root user, execute LS and other commands will appear without permission error.

Android Security Model Android security (app permissions)