Turn: Permission detection and uid mechanism in startactivity in Android

Source: Internet
Author: User
We often start another activity in one activity or interact with the result of another acitivity (startactivityforresult ). But have you ever thought about permission problems? If you encounter permission denial exception, you need to read this article.

Within the same application, we can freely start activity from activity A to Activity B. in the official documents, startactivity may report notfoundexception, indicating that the activity to be started does not exist. Therefore, we can easily ignore another possible exception, permission denial.

When we start an activity in application B in different applications, for example, the activity in application A, you may not get any exception or directly force close. When you start the activity again, the code checks permission.

In the following cases, you can successfully startactivity without obtaining permission denial.

1. Under the same application

2. The UID is the same

3. Permission matching

4. Attribute Android: exported = "true" of the target Activity"

5. The target activity has the corresponding intentfilter, Action action or other filters, and exported = false is not set.

6. The PID of the initiator is the PID of the system server.

7. The initiator's uid is a system UID (Android requires Android. system. uid = 1000, which has the UID application. We call it root permission)

If one of the above adjustments is met, it is generally enough (it does not conflict with other settings). Otherwise, the force close will be caused by the exception of permission denial.

Now, let me explain the UID mechanism.

As we all know, PID is the process ID, uid is the user ID, but Android is different from the computer, each user in the computer has a uid, which user Start Program, the UID of this program is that user, in Android, each program has a uid. By default, Android assigns each program a UID with different common levels. If each program is called with the same uid, this makes shared data secure, and each software cannot obtain data at will. The same application has only one uid, so there is no access permission between the activities under the application.

If you need to make an application and share the data of some services such as service, provider, or activity, what can be done in three ways.

1. Completely exposed. This is the role of Android: exported = "true". Once intentfilter is set, exported is set to true by default unless it is set to false. Of course, for those program bodies without intentfilter, its exported attribute is still false by default, so it cannot be shared out.

2. The permission prompt is exposed, which is why usepermission is often set. If someone sets Android: Permission = "XXX. xxx. xx "then, you must usepermission XXX in manufest of your application. xxx. XX can access people's things.

3. Private exposure: if a company has two products, it just wants to call each other, in this case, you must use the same userid to forcibly set the UID of the two software to the same. In this case, you must use a signature document with the company's signature. If you use a shareuid with built-in software, such as contact, you do not need a third-party signature.

This method protects the interests of third-party software companies from data security.

Of course, if an activity runs out of system process, it can be rampant and has any permissions, but you cannot develop a third-party application with the system PID (the system PID is not fixed ), however, you can develop a program with the system UID to access all the programs in the system. You only need to declare the login userid as Android in manufest. system. UID. The generated file must also be signed with a high permission. Generally, Google will not provide you with such a signature file if you do not have an application that meets this audit condition. Of course, if you are compiling your own system and want to make it a system software program, you only need to declare certificate: Platform in Android. mk. You can use both system signatures. The process of obtaining the system uid is called the process of obtaining the root permission. Therefore, many third-party system management software is software with root permission, because it requires arbitrary access to the system. The root signature must be consistent with the compiled system. For example, if the official system uses an official signature file, the CM system must use the CM signature file. (I will not talk about it here)

Here, we should understand the UID mechanism. Pai_^

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.