-2

I've come across a *.apk where permissions are needed to be set to the *.db file. But I don't know what's it meaning. Help?

Izzy
  • 91,166
  • 73
  • 343
  • 943
Ahmadul Hoq
  • 101
  • 1
  • 2
  • Maybe you should tell us which .apk that is, where you found it and where this text ("Set permissions...") appears. – Flow Dec 06 '12 at 18:45
  • Actually I have the .apk and the .db file, except I'm kind of lost while setting permissions. I can't understand the pattern in this part only: read, write / read, write / none. – Ahmadul Hoq Dec 06 '12 at 18:50
  • 1
    It is total unclear to me about what you are talking currently. How do you as user set permissions? Or are you talking about some kind of API? Where do you set permissions? – Flow Dec 06 '12 at 18:53
  • No, it's not an API. I am talking about setting the permission to read/write/execute the database file which is in the data folder of the app. – Ahmadul Hoq Dec 06 '12 at 18:56
  • 4
    What is it are you trying to do in the first place that requires changing permissions on files? – Chahk Dec 06 '12 at 18:59

1 Answers1

6

It's difficult to tell for certain without a bit more context, but it sounds like the instructions are attempting to convey the Unix filesystem permissions to set on the database.

Since Android at its core runs on the Linux kernel, its filesystem maintains the same permission and access rules as any typical Unix system does. In general, there are three relevant access modes for a file:

  • The owner: This is the specific user that owns a file/folder. Generally it defaults to whatever user created it. Note that even on Android, which generally presents a single-user interface (excepting v4.2) there are still multiple user accounts on the device. For example, each application runs under its own user ID.
  • The group: This is the Unix group that is marked as the owner of the file. The user that owns the file may or may not be a member of this group. In cases where the owner is not in the group the owner permissions will take precedence.
  • Other: Everyone else who is not either a) the owner of the file or b) in the group that owns the file.

Because of this, simplified Unix filesystem permissions are generally expressed as triplets (I'm ignoring here other flags such as the setuid bit) in order of precedence: user/group/other. Often these will be numerical since Unix uses bitmasks under the hood, where:

  • Execute has a value of 1
  • Write has a value of 2
  • Read has a value of 4

Permissions are thus combined by adding the bitmask values together - to give read and write (but not execute) permission to the desired target, for example, you would want the value to be 6. Putting this together, a file with a permission of 755 would be:

7 -> Owner can read, write or execute
5 -> Group members can read or execute
5 -> Everyone else (other) can read or execute

Putting this all together in the context of your question implies (to me) that the instructions are thus telling you to give the owner of the .db file read/write permission, the group read/write permission and other no permissions at all. I observe this by splitting up the instructions at the slash delimiter in the text.

This would be equivalent to setting the filemode to 660 using the chmod command (likely you would want chmod 0660 /path/to/file.db), but can also be done using any file explorer that supports it. My personal favorite is ES File Explorer, which will give you a grid of checkboxes if you long press on a file and select "Properties". Simply check the appropriate boxes for each target (owner, group, and other).

Izzy summed up what this would mean from a functional standpoint rather well:

It would mean the app itself (=owner) has full access to the database, as has the group (probably for addons/plugins?). All other apps have no access at all (as it should be, keyword "Sandbox")

Community
  • 1
eldarerathis
  • 36,787
  • 16
  • 144
  • 175
  • 3
    Good explanation! To point to one little thing more: It would mean the app itself (=owner) has full access to the database, as has the group (probably for addons/plugins?). All other apps have no access at all (as it should be, keyword "Sandbox"). – Izzy Dec 06 '12 at 20:35
  • @Izzy: That's a good summary. I'm going to move that into the answer if you don't mind (you can leave the comment, I'll link it as the source). – eldarerathis Dec 06 '12 at 20:36
  • @Izzy Searching through my /data/data folder I see the owner and group both being root on various db files, rather than app_192 or what have you. Edit: Looks like maybe that was because they were restored from a backup with a root app. I'll have to try fixing my permissions. Very informative sir :P – Matthew Read Dec 06 '12 at 22:06
  • @MatthewRead: That seems like a logical culprit. A random sampling of my installed user apps shows IDs I would expect (ex: u0_a74 for user and group of the USA Today app's DBs). – eldarerathis Dec 06 '12 at 22:22
  • Yeah. But please don't look at the Skype app (777 for almost everything =:-0). Apart from that, owner should always be the app, and permissions are by default 770 for directories and 660 for files (as said, except with Skype (see AndroidPolice), unless they fixed it meanwhile) – Izzy Dec 06 '12 at 22:59
  • Thanks a lot. I was kind of lost because I did not know whether the delimiter was slash or comma, so I could not understand what permission to set for user/group/other. Thanks again. Solved my problem! – Ahmadul Hoq Dec 07 '12 at 10:51