search

jakev / dtfmods-core

Core content for Android device testing
Apache License 2.0
6 stars 2 forks source link

Duplicate permissions not handled #36

Open jakev opened 8 years ago

jakev commented 8 years ago

Some devices are not good about being consistent with who is suppose to be defining a permission. For example, on the Kindle Fire (FireOS), mulitple applications define the same permission, with completely different definitions. An example:

In package com.amazon.kindle.otter:

<permission android:name="com.amazon.CONTENT_PROVIDER_ACCESS"/>

But in com.amazon.kindle it's completely different:

<permission android:description="@string/content_permissions_description" android:label="@string/content_permissions_label" android:name="com.amazon.CONTENT_PROVIDER_ACCESS" android:permissionGroup="android.permission-group.PERSONAL_INFO" android:protectionLevel="signature"/>

I'm not 100% sure how the OS determins which one to use, but Android has picked one of them:

02:29:45 /DevTesting/Fire$ dtf_shell dumpsys package perm |grep CONTENT_PROVIDER_ACCESS -A 2
--
  Permission [com.amazon.CONTENT_PROVIDER_ACCESS] (41f1c2e0):
    sourcePackage=com.amazon.kindle.otter

I'm going to migrate the parse_permissions( .. ) method of the sysappdb module to use dumpsys to determine who the OS has picked for the true permission holder.

jakev commented 8 years ago

Tagging this for future.