Principles of LBE in 1.x for online permission management

Source: Internet
Author: User
Tags sendmsg

I have previously studied some of the principles of implementing security monitoring in LBE of 1.x, and have basically figured out the principles of Implementing network-based permission management. Here is a simple record.


First of all, we need to introduce the process of starting the Android application. For more information, see the relevant information. I have only mentioned this, for example, starting an apk process, it will certainly send a message to system_server, including some parameters for starting the process. One of the parameters is "-- setgroups = xxx, xxx, xxx", and the following xxx values are integer values, corresponding to some permission definitions of Android, 3003 (0 xBBB) is the corresponding Internet permission. Www.2cto.com


So 1. the implementation principle of Version x is coming out. hook the system_server process, intercept the sendmsg function, and parse the parameters. If it is a parameter of the startup process, use the uid to check whether the process is allowed to be connected to the Internet, if the network connection is not allowed, replace the related permissions in setgroups, replace 3003 with 9999, and then hand it over to the real sendmsg function for processing, then you will find that the process you started has no Internet permission.

 

The drawbacks of this implementation method are also obvious, and the processes started after the hook will not be affected. A started process cannot be modified in real time.


So how can we solve these problems?


Using iptable for online permission management, google code has an open-source project droidwall. If you are interested, you can study it on your own. Currently, LBE and 360 functions are similar to droidwall, it is unknown whether it is learned from droidwall.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.