2

Let's say i create a custom group on Android (We will call it GID 5000) and i want to add users (apps) to this group, how can i manually add the app's UID to GID 5000 ? If possible, without touching the APK.

Zulgrib
  • 431
  • 2
  • 5
  • 12
  • You should not override that, that is the package manager's job to allocate the UID to the APK upon installation, and also, you need to be root to achieve this regardless. Also groups do not really exist in the realm of APK's. – t0mm13b Mar 01 '14 at 15:14
  • Package manager does a poor job when it comes to share files among loca l users. – Zulgrib Mar 01 '14 at 20:06
  • That is the whole idea behind application security! To prevent other apps manipulating other data that does not belong to it. – t0mm13b Mar 01 '14 at 20:12
  • User custom folders are affected too and it prevent local users sharing for example a music folder. Better create a new group and include UID of the app for local users than making the permissions 777. – Zulgrib Mar 02 '14 at 08:30
  • why? am trying to make sense of what you are attempting to do. It sounds rather like, you are defeating the whole point of security. Think about it, malicious app could overwrite or create havoc with another's private data, which could make that app crash due to "corruption" as result! Fyi, 777 is a serious glaring security hole waiting to be exploited and abused! Are you using a tablet with JB or later in regards to multi-user accounts? – t0mm13b Mar 03 '14 at 17:38

1 Answers1

2

Based on Linux, Android supports the addgroup and adduser commands (I just checked on one of my devices, and the command exists). I'm not sure whether it supports the full set of options available on Linux, but what should work is at least

# create a new group
addgroup [--gid ID] group
# add a user (app) to that group
adduser <user> <group>

From the adduser man page:

If called with two non-option arguments, adduser will add an existing user to an existing group.

Izzy
  • 91,166
  • 73
  • 343
  • 943
  • That requires root permissions to be able to use the commands. ;) – t0mm13b Mar 01 '14 at 20:13
  • 1
    @t0mm13b Sure it does. But the question implied that – or do you know of any way to fulfill that request without root? If so, please report it as security issue to AOSP :) – Izzy Mar 02 '14 at 00:56
  • 2
    My device doesn't have addgroup / adduser, what rom/version//device are you using ? Maybe i could port it to my device. (Tried with toolbox and busybox) – Zulgrib Mar 02 '14 at 10:57
  • I doubt you want to do that: I've checked on a backup of my old test device (Motorola Droid²), stock Android 2.2 – and my LG Optimus 4X, stock 4.0.3. Both have it in /system/xbin, at least the latter as links to /system/xbin/busybox. – Izzy Mar 02 '14 at 11:14
  • 2
    I'm currently checking if it's possible to add adduser/addgroup via a custom busybox compilation on device without it on stock. If it works it would mean the solution is general and will flag it as answer. – Zulgrib Mar 03 '14 at 20:51
  • 1
    @Izzy addgroup doesn't work on my rooted tablet. Are you supposed to run this from the emulator or the adb shell? – Prahlad Yeri Oct 20 '16 at 07:21
  • I rarely work with emulator (if at all, and that's quite a while I go I did it last, it's Android_x86 in a VirtualBox) – so I'd say via adb shell. Don't forget those two commands only work if you are root, @PrahladYeri :) – Izzy Oct 20 '16 at 10:24