Android 7 添加安装白名单
程序员文章站
2022-05-19 08:19:00
...
Android 7 添加安装白名单
项目场景:
提示:某些系统只支持已经的apk 安装
例如:项目场景: 车机系统
pm.java代码:
final File systemDir;
final File whiteListFile;
final ArrayList<String> whiteListApps = new ArrayList<String>();
systemDir = new File("/system/", "etc");
whiteListFile = new File(systemDir, "whitelistapps.txt");
if (!whiteListFile.exists()) {
Log.e(TAG, "isWhiteListApp: whiteListApps.txt file no exists");
return false;
}
try {
whiteListApps.clear();
BufferedReader br = new BufferedReader(new FileReader(whiteListFile));
String line = br.readLine();
while (line != null) {
Log.d(TAG, "whiteListApps readLine:" + line);
whiteListApps.add(line);
line = br.readLine();
}
br.close();
} catch (IOException e) {
Log.e(TAG, "IO Exception happened while reading whiteListApps");
e.printStackTrace();
return false;
}
Iterator<String> it = whiteListApps.iterator();
while (it.hasNext()) {
String whitelistItem = it.next();
if (pkgName.equals(whitelistItem)) {
Log.e(TAG, "isWhiteListApp: find matching package name "+pkgName);
return true;
}
}
Log.e(TAG, "isWhiteListApp: cann't find matching package name "+pkgName);
return false;
}
* Moving the implementation of "pm install" to "cmd package install" changes the executing
* context. Instead of being a stand alone process, "cmd package install" runs in the
* system_server process. Due to SELinux rules, system_server cannot access many directories;
* one of which being the package install staging directory [/data/local/tmp].
*
* The use of "adb install" or "cmd package install" over "pm install" is highly encouraged.
*/
private int runInstall() throws RemoteException {
final InstallParams params = makeInstallParams();
final String inPath = nextArg();
String installerPackageName = "";
if (mPm == null) {
System.err.println(PM_NOT_RUNNING_ERR);
return 1;
}
installerPackageName = mPm.getNameForUid(Binder.getCallingUid());
Log.d(TAG, "Binder.getCallingUid() : " + Binder.getCallingUid());
Log.d(TAG, "apkFilePath = "+inPath+", installerPackageName = "+installerPackageName);
if (SystemProperties.getBoolean("persist.sys.whitelist", true)) {
if(!isWhiteListApp(installerPackageName)) {
System.err.println("Error: the app is not in app whitelist packageName " + installerPackageName);
Log.e(TAG, installerPackageName + " is not in the whitelist. install(pm way) not allowed");
return 1;
}
}
-----省略
下一篇: oracle 删除数据