Maxr1998 / MaxLock

Powerful app locker for Android, with a root and no-root implementation
https://maxlock.maxr1998.de
GNU General Public License v3.0

"Device Administrators" screen is not protected after getting into settings #36

Closed ghost closed 8 years ago

ghost commented 9 years ago

I don't want to protect settings to not draw attention. Yet, I feel a Fake Die screen when trying to disable the app in Device Administrators is very important. An intruder should be thinking that the Device Administrator is broken and force closing, not that I'm locking any apps.

EDIT: Actually, I figured it out by using "activities". But there's a bug/security vuln; reproduce:

When you protect Device Admin activities (there are three to check), go to device admin settings, try to disable MaxLock from being an Admin, you'll be presented with MaxLock Fake Die, just click OK (not the secret "report") and it's disabled... Not Admin anymore. Now install some uninstaller from the market (since the package installer is locked and we can't use it) and you'll be able to uninstall MaxLock.

To mitigate, add option to install MaxLock as a system app. I'll be trying this using Titanium Backup.

Of course, to mitigate, fix the bug first :D

Then add that system app method if you want.

EDIT: Changing to system app still isn't gonna work. It won't allow anyone to "uninstall" the app, but they'll still be able to "disable" it. Which really is the same thing... Just not removing the APK from the phone. So this won't work.

I'll be using a combination of locking apps until this is fixed. One to lock the Device Admin irreversibly, and MaxLock to lock every other app. Hopefully this will reduce the impact on battery of the other proprietary locking app.

Thank you very much for your efforts.

EDIT: Added "on battery" for clarity in "reduce the impact on battery".

INFO: Phone: Nexus 5, Android: 4.4.4

Maxr1998 commented 9 years ago

I will try to hook into a specific class, and not an activity; then it should work. System app is not recommended; this could cause issues.

Maxr1998 commented 8 years ago

Since I already implemented this, I will close this issue.