普通开发人员如何尝试isPermissionRevokedByPolicy()?

时间:2015-12-03 22:03:10

标签: android android-6.0-marshmallow

API级别23添加了isPermissionRevokedByPolicy() on PackageManager。如果某个包被阻止了请求的权限,那么它应该返回false"通过策略":

  

通常,设备所有者或个人资料所有者可以应用此类政策。

开发人员可以采取哪些措施让isPermissionRevokedByPolicy()返回false某些包/权限组合,而不是通过整个Android for Work套装的恶作剧?

2 个答案:

答案 0 :(得分:7)

当然,我可能错了,但不幸的是,简短的答案似乎是“不,没有”。

更广泛的回答: 这是ApplicationPackageManager的代码:

@Override
public boolean isPermissionRevokedByPolicy(String permName, String pkgName) {
    try {
        return mPM.isPermissionRevokedByPolicy(permName, pkgName, mContext.getUserId());
    } catch (RemoteException e) {
        throw new RuntimeException("Package manager has died", e);
    }
}

其中mPM - 

private final IPackageManager mPM;

它在构造函数中初始化,由ContextImpl.getPackageManager()调用:

@Override
public PackageManager getPackageManager() {
    if (mPackageManager != null) {
        return mPackageManager;
    }

    IPackageManager pm = ActivityThread.getPackageManager();
    if (pm != null) {
        // Doesn't matter if we make more than one instance.
        return (mPackageManager = new ApplicationPackageManager(this, pm));
    }

    return null;
}

source code

深入研究ActivityThread.getPackageManager():

public static IPackageManager getPackageManager() {
    if (sPackageManager != null) {
        //Slog.v("PackageManager", "returning cur default = " + sPackageManager);
        return sPackageManager;
    }
    IBinder b = ServiceManager.getService("package");
    //Slog.v("PackageManager", "default service binder = " + b);
    sPackageManager = IPackageManager.Stub.asInterface(b);
    //Slog.v("PackageManager", "default service = " + sPackageManager);
    return sPackageManager;
}

source code

我正在做的所有这些步骤都是为了找到 isPermissionRevokedByPolicy btw的实际实现。然后我必须找到谁扩展了IPackageManager.Stub - 它是PackageManagerService(source code)。

所以这是实际的实现:

@Override
public boolean isPermissionRevokedByPolicy(String permission, String packageName, int userId) {
    if (UserHandle.getCallingUserId() != userId) {
        mContext.enforceCallingPermission(
                android.Manifest.permission.INTERACT_ACROSS_USERS_FULL,
                "isPermissionRevokedByPolicy for user " + userId);
    }
    if (checkPermission(permission, packageName, userId)
            == PackageManager.PERMISSION_GRANTED) {
        return false;
    }
    final long identity = Binder.clearCallingIdentity();
    try {
        final int flags = getPermissionFlags(permission, packageName, userId);
        return (flags & PackageManager.FLAG_PERMISSION_POLICY_FIXED) != 0;
    } finally {
        Binder.restoreCallingIdentity(identity);
    }
}

可能要“伪造”特定权限的状态,您需要破解checkPermission和getPermissionFlags方法。我担心的问题是,没有明显的方法如何使用覆盖的PackageManagerService来提供ApplicationPackageManager,至少没有反射。

答案 1 :(得分:0)

我认为没有直接的方法。但是,如果可以更改调用包的运行时permissionstate,那么ispermissionrevokedbypolicy()将返回false。但我觉得这也是一个棘手的部分。

相关问题
最新问题