On Jul 26, 4:17 pm, Dianne Hackborn <
hack...@android.com> wrote:
> You don't need to do anything with init. You can make an .apk, sign it with
> the platform cert, and unless you do something special it will be
> dynamically assigned its own uid at first system boot.
Hello Dianne,
I think we are misunderstanding each other. What I am trying to say
that signing with the platform cert is *not sufficient* to allow the
process to start/stop services. Unless I assign my app a static UID
and modify the ACL hard-coded in property_service.c in init, any
attempt to set properties or start/stop services results in init
refusing to do so and logging an error, because of this code which
checks the UID/GID of the process trying to set the ctl.* property:
/*
* White list of UID that are allowed to start/stop services.
* Currently there are no user apps that require.
*/
struct {
const char *service;
unsigned int uid;
unsigned int gid;
} control_perms[] = {
{"kdhcp0", AID_RADIO ,0},
{"kdhcp1", AID_RADIO ,0},
{"kdhcp2", AID_RADIO ,0},
{ "dumpstate",AID_SHELL, AID_LOG },
}
/*
* Checks permissions for starting/stoping system services.
* AID_SYSTEM and AID_ROOT are always allowed.
*
* Returns 1 if uid allowed, 0 otherwise.
*/
static int check_control_perms(const char *name, int uid, int gid) {
int i;
if (uid == AID_SYSTEM || uid == AID_ROOT)
return 1;
/* Search the ACL */
for (i = 0; control_perms[i].service; i++) {
if (strcmp(control_perms[i].service, name) == 0) {
if ((uid && control_perms[i].uid == uid) ||
(gid && control_perms[i].gid == gid)) {
return 1;
}
}
}
return 0;
}
void handle_property_set_fd(int fd)
{
.....
if(memcmp(
msg.name,"ctl.",4) == 0) {
if (check_control_perms(msg.value, cr.uid, cr.gid)) {
handle_control_message((char*)
msg.name + 4, (char*)
msg.value);
} else {
ERROR("sys_prop: Unable to %s service ctl [%s] uid: %d
pid:%d\n gid:%d\n",
msg.name + 4, msg.value, cr.uid, cr.pid,
cr.gid);
}
...
}
Best Regards
Andrew Boie