3

How do apps check for the existence of files and folders on /data and /system partitions without having root privileges? I know some games and apps do this for anticheat and security reasons.

Lite Riyusaki
  • 61
  • 3
  • 3
    /system is world readable and /data is accessable within it's own uid – alecxs Aug 30 '21 at 17:20
  • Thanks. Explain the /data part, please. – Lite Riyusaki Aug 30 '21 at 17:27
  • 1
    Does this answer your question? Where Android apps store data? – alecxs Aug 30 '21 at 17:33
  • Not really, still not clear on exactly how an app can detect the existence of another apps directory under /data/data for instance. I know apps can access their own data/data/"package name" but I don't know how it can find the presence of another app directory. – Lite Riyusaki Aug 30 '21 at 17:45
  • existence of apps is not existence of files and directories. there exist (pm) package manager and other APIs for this (java stuff). wait for someone other will explain better – alecxs Aug 30 '21 at 17:53
  • Not the existence of apps, I specifically said app directory but it can be any directory so long as it's under /data – Lite Riyusaki Aug 30 '21 at 17:57
  • 1
    If your question is about apps can read files or directories of other apps (in /data) the answer is NO – alecxs Aug 30 '21 at 18:00
  • 1
    Apps can NOT detect the existence of other apps' directories under /data/data/ without root. Discretionary Access Control doesn't allow different UIDs (apps) to access each other's data. See this, this and this how Android's app sandboxing works. – Irfan Latif Aug 30 '21 at 18:21
  • 3
    There's on exception though. On old Android releases or with SELinux permissive, an app can detect the existence of other app's root directory i.e. /data/data/com.xyz. But it's not possible to read its contents. – Irfan Latif Aug 30 '21 at 18:28
  • How do they do this? – Lite Riyusaki Aug 30 '21 at 21:39
  • 1
    They (the apps) don't play any magic in this. It's just permitted by the operating system. So any app can do this. Read about Discretionary (file owner, group, mode) and Mandatory (SELinux) Access Controls to know how it works. – Irfan Latif Aug 31 '21 at 05:04
  • @IrfanLatif How is "old" defined for Android releases in the context of your comment? – End Anti-Semitic Hate Aug 31 '21 at 07:51
  • 1
    @RockPaperLz-MaskitorCasket old is when Android didn't use SELinux MLS to enforce individual SELinux sandboxes on a per-app basis. As briefly mentioned in official documatation it started with Pie. You can check AOSP git log to find when exactly the changes were made. – Irfan Latif Aug 31 '21 at 09:45

0 Answers0