How to use security permissions in combination with a shared user id?
1,343 views
Skip to first unread message
Jonas
Nov 16, 2010, 6:03:59 AM11/16/10
to android-platform
Dear all,
I got a well known security exception:
java.lang.SecurityException: Sending SMS message: User 1001 does not
have android.permission.SEND_SMS
I added the following line to the android manifest file:
But even when I do this I got the same exception.
This has possibly something to do with the shared user id I use:
android:sharedUserId="android.uid.phone", so here my question:
When I use a shared user id (from a system application), can I add my
own permissions to the manifest file.
additional information: I used the same certificate as the system,
else I couldn't use the same user id as a system application.
Thanks in advance for your answers and remarks!
Jonas
I got a well known security exception:
java.lang.SecurityException: Sending SMS message: User 1001 does not
have android.permission.SEND_SMS
I added the following line to the android manifest file:
But even when I do this I got the same exception.
This has possibly something to do with the shared user id I use:
android:sharedUserId="android.uid.phone", so here my question:
When I use a shared user id (from a system application), can I add my
own permissions to the manifest file.
additional information: I used the same certificate as the system,
else I couldn't use the same user id as a system application.
Thanks in advance for your answers and remarks!
Jonas
Jonas
Nov 16, 2010, 9:49:49 AM11/16/10
to android-platform
Dianne Hackborn
Nov 16, 2010, 1:08:51 PM11/16/10
to android-...@googlegroups.com
Yes the permissions associated with a shared user ID are the union of permissions requested by all apps with that uid.
--
Dianne Hackborn
Android framework engineer
hac...@android.com
Note: please don't send private questions to me, as I don't have time to provide private support, and so won't reply to such e-mails. All such questions should be posted on public forums, where I and others can see and answer them.
--
You received this message because you are subscribed to the Google Groups "android-platform" group.
To post to this group, send email to android-...@googlegroups.com.
To unsubscribe from this group, send email to android-platfo...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/android-platform?hl=en.
--
Dianne Hackborn
Android framework engineer
hac...@android.com
Note: please don't send private questions to me, as I don't have time to provide private support, and so won't reply to such e-mails. All such questions should be posted on public forums, where I and others can see and answer them.
Jonas
Nov 17, 2010, 3:01:26 AM11/17/10
to android-platform
Hey Dianne,
Thank you for your answer!
I didn't expect that because I still got the security exception. When
I remove the shared user ID (together with the code why the shared
user ID is needed). my application actually send the SMS. (When I put
back the shared user ID the exception is thrown, and no SMS is send).
I can confirm that when I use the shared user ID (android.uid.phone),
the security settings of the phone app are used.
So in some kind of way the security settings of my own application are
not used (but when I remove the shared user ID they are...).
Do you have any idea what I do wrong?
Thanks in advance!
Greetings,
Jonas
On Nov 16, 7:08 pm, Dianne Hackborn <hack...@android.com> wrote:
> Yes the permissions associated with a shared user ID are the union of
> permissions requested by all apps with that uid.
>
>
>
> On Tue, Nov 16, 2010 at 6:49 AM, Jonas <jonas.geer...@gmail.com> wrote:
> > Dear all,
>
> > I got a well known security exception:
>
> > java.lang.SecurityException: Sending SMS message: User 1001 does not
> > have android.permission.SEND_SMS
>
> > I added the following line to the android manifest file:
>
> > But even when I do this I got the same exception.
>
> > This has possibly something to do with the shared user id I use:
> > android:sharedUserId="android.uid.phone", so here my question:
>
> > When I use a shared user id (from a system application), can I add my
> > own permissions to the manifest file.
>
> > additional information: I used the same certificate as the system,
> > else I couldn't use the same user id as a system application.
>
> > Thanks in advance for your answers and remarks!
>
> > Jonas
>
> > --
> > You received this message because you are subscribed to the Google Groups
> > "android-platform" group.
> > To post to this group, send email to android-...@googlegroups.com.
> > To unsubscribe from this group, send email to
> > android-platfo...@googlegroups.com<android-platform%2Bunsu...@googlegroups.com>
> > .
Thank you for your answer!
I didn't expect that because I still got the security exception. When
I remove the shared user ID (together with the code why the shared
user ID is needed). my application actually send the SMS. (When I put
back the shared user ID the exception is thrown, and no SMS is send).
I can confirm that when I use the shared user ID (android.uid.phone),
the security settings of the phone app are used.
So in some kind of way the security settings of my own application are
not used (but when I remove the shared user ID they are...).
Do you have any idea what I do wrong?
Thanks in advance!
Greetings,
Jonas
On Nov 16, 7:08 pm, Dianne Hackborn <hack...@android.com> wrote:
> Yes the permissions associated with a shared user ID are the union of
> permissions requested by all apps with that uid.
>
>
>
> On Tue, Nov 16, 2010 at 6:49 AM, Jonas <jonas.geer...@gmail.com> wrote:
> > Dear all,
>
> > I got a well known security exception:
>
> > java.lang.SecurityException: Sending SMS message: User 1001 does not
> > have android.permission.SEND_SMS
>
> > I added the following line to the android manifest file:
>
> > But even when I do this I got the same exception.
>
> > This has possibly something to do with the shared user id I use:
> > android:sharedUserId="android.uid.phone", so here my question:
>
> > When I use a shared user id (from a system application), can I add my
> > own permissions to the manifest file.
>
> > additional information: I used the same certificate as the system,
> > else I couldn't use the same user id as a system application.
>
> > Thanks in advance for your answers and remarks!
>
> > Jonas
>
> > --
> > You received this message because you are subscribed to the Google Groups
> > "android-platform" group.
> > To post to this group, send email to android-...@googlegroups.com.
> > To unsubscribe from this group, send email to
> > .
> > For more options, visit this group at
> >http://groups.google.com/group/android-platform?hl=en.
>
> --
> Dianne Hackborn
> Android framework engineer
> hack...@android.com
> >http://groups.google.com/group/android-platform?hl=en.
>
> --
> Dianne Hackborn
> Android framework engineer
Jonas
Nov 17, 2010, 4:11:17 AM11/17/10
to android-platform
Hey Diane,
I'm not only using the same user id, but also use the same process id:
<application android:process="com.android.phone" ...>
So when I'm still using the same user id, but in a separate process it
also seems to work fine.
So I can update my question:
When I run my application in the same process (as a system
application), can I also add my own permissions by adding them to the
manifest file?
Thanks in advance for your answer!
Jonas
I'm not only using the same user id, but also use the same process id:
<application android:process="com.android.phone" ...>
So when I'm still using the same user id, but in a separate process it
also seems to work fine.
So I can update my question:
When I run my application in the same process (as a system
application), can I also add my own permissions by adding them to the
manifest file?
Thanks in advance for your answer!
Jonas
Reply all
Reply to author
Forward
0 new messages