Hi,
Yeah, I got the point that package manager keeps its current state of
each application. Installing or uninstalling app will update the
packages.xml. The reason of my misunderstaing is a experiment on the
Android phone:
1. I manually modifed a item (packages) in packages.xml( deleting a
non-bulid-in App, e.g. FriendTrakcer). Then I can still run it on phone. The
reanson is that package manager keeps a current state of all packages
permissions.
2. Then I uninstall antoher App( not the same as the package I delete)
through the Application Manager in setting on the real Android phone. Ok,
the packages.xml file updates and the item I deleted appers again on that
file.
3. Repeat Step 1. And I reboot the phone, when the Android system is ready,
I check the file and find that the packages.xml is newly created and the
item I deleted is still there.
The reason is that Android may have a mechnism to save the state of App and
re-write it into the packages.xml when it is shutting down
4. Repeat Step 1, I take out the battery, and the same reslut as above.
So there is only one file packages.xml, and PackageManagerService need it
when the first time to load it. How the android save this information even I
mannally modified it.
Thanks.
xudong
2009/5/8 Dianne Hackborn <[email protected]>
> No, that is totally wrong. The packages.xml is the package manager's
> current state of each application. It isn't ignored.
>
> Please have a look through the code in PackageManagerService; it's only one
> file (okay a fairly big one), and if you want to know exactly how this stuff
> works you want to know that code.
>
> 2009/5/8 倪旭东 <[email protected]>
>
> So everytime the phone startup, the package manager service scan all
>> packages(.apk) files, and from these files it gets the related permissions
>> and store them in the packages.xml. At runtime checking procedure, the
>> package manager acctually does not need to read the permissions from the
>> packages.xml files, since all the imformation has been saved in the memory
>> (packagemanager class), it will check related permissions and make decision.
>>
>> If above understanding is true, is the following conclustion correct?
>> 1. The ultimate permissions are saved in each app's .apk files, and
>> package manager will load them into packages.xml files.
>> 2. packages.xml does not have effect of permission checking. Since it is
>> be re-written every time when the phone restarts. So whcich system procedure
>> uses this packages.xml files?
>>
>> Thanks.
>> xudong
>>
>> 2009/5/8 Dianne Hackborn <[email protected]>
>>
>> The package manager always re-writes the file after reading it for the
>>> first time, since it does a full scan of all packages at that point and may
>>> have updated some of its state.
>>>
>>>
>>> 2009/5/7 倪旭东 <[email protected]>
>>>
>>>> Hi,
>>>> There's something interesting of the /data/system/packages.xml, I
>>>> find that its last modified time is always the time of the phone power on.
>>>> It means that everytime I trun on my phone and the packages.xml file will
>>>> be
>>>> created, so how the system to get all the information of packages to create
>>>> the packages.xml file?
>>>> Thanks.
>>>>
>>>> regards,
>>>> xudong
>>>>
>>>>
>>>> 2009/5/7 Dianne Hackborn <[email protected]>
>>>>
>>>> PackageManagerService implements IPackageManager; the activity manager
>>>>> and package manager run in the same process, so ths ends up being a direct
>>>>> function call. The package manager keeps track of which permissions have
>>>>> been assigned and does the check.
>>>>>
>>>>> 2009/5/7 倪旭东 <[email protected]>
>>>>>
>>>>> Hi,
>>>>>> After reading the PackageManagerService.java and
>>>>>> ActivityManagerService.java, I had a question;
>>>>>> In the ActivityManagerService.java, in the*checkComponentPermission()
>>>>>> *method, it calls the
>>>>>> *
>>>>>> ActivityThread.getPackageManager().checkUidPermission(permission,uid)
>>>>>> *,
>>>>>> However, the ActivityThread.getPackageManager() is a IPackmanager
>>>>>> Interface, and I cannot understand its *checkPermission method or
>>>>>> checkUidPermission method*, does it finish checking by communicating
>>>>>> with PackageManagerService via IPC? Since I didn't find some detail
>>>>>> implementation of checking permission method.Or it may relay parameters
>>>>>> to
>>>>>> the PackageManagerService to do the job and get result? In such case, the
>>>>>> packages.xml files has effect on checking permission procedure. Is my
>>>>>> understanding correct?
>>>>>> Thanks.
>>>>>>
>>>>>>
>>>>>> regards,
>>>>>> Xudong
>>>>>>
>>>>>> 2009/5/6 Dianne Hackborn <[email protected]>
>>>>>>
>>>>>> packages.xml is the package manager's persistent state. Only the
>>>>>>> package manager should write it, and you are likely to break the system
>>>>>>> if
>>>>>>> you modify it yourself (or have your changes wiped away the next time
>>>>>>> the
>>>>>>> package manager writes it). If you want to know more about it, you can
>>>>>>> look
>>>>>>> at PackageManagerService.java.
>>>>>>>
>>>>>>> 2009/5/6 倪旭东 <[email protected]>
>>>>>>>
>>>>>>> Hi,
>>>>>>>> Still some questions:
>>>>>>>> 1. Does packages.xml (in /data/system ) has real effect in the check
>>>>>>>> procedure of "reference monitor"? I do some experiment on the
>>>>>>>> emulator:
>>>>>>>> Modify some App's permissions' profile, it does not have effect of
>>>>>>>> app's execute. It is the problem of emulator or the acctual effect
>>>>>>>> file is
>>>>>>>> not this one.
>>>>>>>>
>>>>>>>> 2. In the packages.xml file, the user-developed app's permissions
>>>>>>>> are list in every packages,
>>>>>>>> but for the system bulid-in app, such as phone, it does not provide
>>>>>>>> the related permissions,
>>>>>>>> How the system to determine its permissions.
>>>>>>>>
>>>>>>>> 3. Form the packmanager() we can get some information about
>>>>>>>> permissions, what is relationship between packages.xml. It reads it
>>>>>>>> from
>>>>>>>> this file?
>>>>>>>>
>>>>>>>> Thanks.
>>>>>>>>
>>>>>>>> regards,
>>>>>>>> xudong
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> 2009/5/5 William Enck <[email protected]>
>>>>>>>>
>>>>>>>>> Xudong,
>>>>>>>>>
>>>>>>>>> On May 5, 2009, at 12:59 PM, 倪旭东 wrote:
>>>>>>>>>
>>>>>>>>> Thank you. I still have some questions:
>>>>>>>>> 1. After the installation, the app's related permissions files is
>>>>>>>>> saved in the same .apk file or saved in a system central file?
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Take a look at /data/system/packages.xml
>>>>>>>>>
>>>>>>>>> 2. At runtime, I learned that there is a "reference monitor" from
>>>>>>>>> the paper Understanding Android
>>>>>>>>> Security<http://ieeexplore.ieee.org/xpls/abs_all.jsp?isnumber=4768640&arnumber=4768655>to
>>>>>>>>> check the permission lable. Which is the source code for this
>>>>>>>>> "reference
>>>>>>>>> monitor", or it's a vitual concept. I wonder to know which parts of
>>>>>>>>> source
>>>>>>>>> code dealing with this function. Thanks.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> We described it more as a "virtual concept". There isn't code
>>>>>>>>> directly corresponding to a reference monitor, but the Activity
>>>>>>>>> Manager
>>>>>>>>> (frameworks/base/services/java/com/android/server/am/ActivityManagerService.java)
>>>>>>>>> is
>>>>>>>>> a good place to start looking.
>>>>>>>>>
>>>>>>>>> -Will
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>> William Enck
>>>>>>>>> PhD Candidate
>>>>>>>>> Department of Computer Science and Engineering
>>>>>>>>> The Pennsylvania State University
>>>>>>>>> [email protected]
>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> Dianne Hackborn
>>>>>>> Android framework engineer
>>>>>>> [email protected]
>>>>>>>
>>>>>>> Note: please don't send private questions to me, as I don't have time
>>>>>>> to provide private support, and so won't reply to such e-mails. All
>>>>>>> such
>>>>>>> questions should be posted on public forums, where I and others can see
>>>>>>> and
>>>>>>> answer them.
>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Dianne Hackborn
>>>>> Android framework engineer
>>>>> [email protected]
>>>>>
>>>>> Note: please don't send private questions to me, as I don't have time
>>>>> to provide private support, and so won't reply to such e-mails. All such
>>>>> questions should be posted on public forums, where I and others can see
>>>>> and
>>>>> answer them.
>>>>>
>>>>>
>>>>
>>>
>>>
>>> --
>>> Dianne Hackborn
>>> Android framework engineer
>>> [email protected]
>>>
>>> Note: please don't send private questions to me, as I don't have time to
>>> provide private support, and so won't reply to such e-mails. All such
>>> questions should be posted on public forums, where I and others can see and
>>> answer them.
>>>
>>>
>>
>
>
> --
> Dianne Hackborn
> Android framework engineer
> [email protected]
>
> Note: please don't send private questions to me, as I don't have time to
> provide private support, and so won't reply to such e-mails. All such
> questions should be posted on public forums, where I and others can see and
> answer them.
>
>
