The packages.xml file is rewritten every time a change is made in the package manager that affects it. It is ONLY used for retaining this data across boots -- modifying it while the system is running will not magically make the package manager notice that it changed and reload it.
2009/5/8 Xudong Ni <[email protected]> > Hi, > Yeah, I got the point that package manager keeps its current state of > each application. Installing or uninstalling app will update the > packages.xml. The reason of my misunderstaing is a experiment on the > Android phone: > 1. I manually modifed a item (packages) in packages.xml( deleting a > non-bulid-in App, e.g. FriendTrakcer). Then I can still run it on phone. The > reanson is that package manager keeps a current state of all packages > permissions. > 2. Then I uninstall antoher App( not the same as the package I delete) > through the Application Manager in setting on the real Android phone. Ok, > the packages.xml file updates and the item I deleted appers again on that > file. > 3. Repeat Step 1. And I reboot the phone, when the Android system is ready, > I check the file and find that the packages.xml is newly created and the > item I deleted is still there. > The reason is that Android may have a mechnism to save the state of App and > re-write it into the packages.xml when it is shutting down > 4. Repeat Step 1, I take out the battery, and the same reslut as above. > > So there is only one file packages.xml, and PackageManagerService need it > when the first time to load it. How the android save this information even I > mannally modified it. > > > Thanks. > > xudong > > > 2009/5/8 Dianne Hackborn <[email protected]> > >> No, that is totally wrong. The packages.xml is the package manager's >> current state of each application. It isn't ignored. >> >> Please have a look through the code in PackageManagerService; it's only >> one file (okay a fairly big one), and if you want to know exactly how this >> stuff works you want to know that code. >> >> 2009/5/8 倪旭东 <[email protected]> >> >> So everytime the phone startup, the package manager service scan all >>> packages(.apk) files, and from these files it gets the related permissions >>> and store them in the packages.xml. At runtime checking procedure, the >>> package manager acctually does not need to read the permissions from the >>> packages.xml files, since all the imformation has been saved in the memory >>> (packagemanager class), it will check related permissions and make decision. >>> >>> If above understanding is true, is the following conclustion correct? >>> 1. The ultimate permissions are saved in each app's .apk files, and >>> package manager will load them into packages.xml files. >>> 2. packages.xml does not have effect of permission checking. Since it is >>> be re-written every time when the phone restarts. So whcich system procedure >>> uses this packages.xml files? >>> >>> Thanks. >>> xudong >>> >>> 2009/5/8 Dianne Hackborn <[email protected]> >>> >>> The package manager always re-writes the file after reading it for the >>>> first time, since it does a full scan of all packages at that point and may >>>> have updated some of its state. >>>> >>>> >>>> 2009/5/7 倪旭东 <[email protected]> >>>> >>>>> Hi, >>>>> There's something interesting of the /data/system/packages.xml, I >>>>> find that its last modified time is always the time of the phone power on. >>>>> It means that everytime I trun on my phone and the packages.xml file will >>>>> be >>>>> created, so how the system to get all the information of packages to >>>>> create >>>>> the packages.xml file? >>>>> Thanks. >>>>> >>>>> regards, >>>>> xudong >>>>> >>>>> >>>>> 2009/5/7 Dianne Hackborn <[email protected]> >>>>> >>>>> PackageManagerService implements IPackageManager; the activity manager >>>>>> and package manager run in the same process, so ths ends up being a >>>>>> direct >>>>>> function call. The package manager keeps track of which permissions have >>>>>> been assigned and does the check. >>>>>> >>>>>> 2009/5/7 倪旭东 <[email protected]> >>>>>> >>>>>> Hi, >>>>>>> After reading the PackageManagerService.java and >>>>>>> ActivityManagerService.java, I had a question; >>>>>>> In the ActivityManagerService.java, in the*checkComponentPermission() >>>>>>> *method, it calls the >>>>>>> * >>>>>>> ActivityThread.getPackageManager().checkUidPermission(permission,uid) >>>>>>> *, >>>>>>> However, the ActivityThread.getPackageManager() is a IPackmanager >>>>>>> Interface, and I cannot understand its *checkPermission method or >>>>>>> checkUidPermission method*, does it finish checking by communicating >>>>>>> with PackageManagerService via IPC? Since I didn't find some detail >>>>>>> implementation of checking permission method.Or it may relay >>>>>>> parameters to >>>>>>> the PackageManagerService to do the job and get result? In such case, >>>>>>> the >>>>>>> packages.xml files has effect on checking permission procedure. Is my >>>>>>> understanding correct? >>>>>>> Thanks. >>>>>>> >>>>>>> >>>>>>> regards, >>>>>>> Xudong >>>>>>> >>>>>>> 2009/5/6 Dianne Hackborn <[email protected]> >>>>>>> >>>>>>> packages.xml is the package manager's persistent state. Only the >>>>>>>> package manager should write it, and you are likely to break the >>>>>>>> system if >>>>>>>> you modify it yourself (or have your changes wiped away the next time >>>>>>>> the >>>>>>>> package manager writes it). If you want to know more about it, you >>>>>>>> can look >>>>>>>> at PackageManagerService.java. >>>>>>>> >>>>>>>> 2009/5/6 倪旭东 <[email protected]> >>>>>>>> >>>>>>>> Hi, >>>>>>>>> Still some questions: >>>>>>>>> 1. Does packages.xml (in /data/system ) has real effect in the >>>>>>>>> check procedure of "reference monitor"? I do some experiment on the >>>>>>>>> emulator: >>>>>>>>> Modify some App's permissions' profile, it does not have effect of >>>>>>>>> app's execute. It is the problem of emulator or the acctual effect >>>>>>>>> file is >>>>>>>>> not this one. >>>>>>>>> >>>>>>>>> 2. In the packages.xml file, the user-developed app's permissions >>>>>>>>> are list in every packages, >>>>>>>>> but for the system bulid-in app, such as phone, it does not provide >>>>>>>>> the related permissions, >>>>>>>>> How the system to determine its permissions. >>>>>>>>> >>>>>>>>> 3. Form the packmanager() we can get some information about >>>>>>>>> permissions, what is relationship between packages.xml. It reads it >>>>>>>>> from >>>>>>>>> this file? >>>>>>>>> >>>>>>>>> Thanks. >>>>>>>>> >>>>>>>>> regards, >>>>>>>>> xudong >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> 2009/5/5 William Enck <[email protected]> >>>>>>>>> >>>>>>>>>> Xudong, >>>>>>>>>> >>>>>>>>>> On May 5, 2009, at 12:59 PM, 倪旭东 wrote: >>>>>>>>>> >>>>>>>>>> Thank you. I still have some questions: >>>>>>>>>> 1. After the installation, the app's related permissions files is >>>>>>>>>> saved in the same .apk file or saved in a system central file? >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> Take a look at /data/system/packages.xml >>>>>>>>>> >>>>>>>>>> 2. At runtime, I learned that there is a "reference monitor" from >>>>>>>>>> the paper Understanding Android >>>>>>>>>> Security<http://ieeexplore.ieee.org/xpls/abs_all.jsp?isnumber=4768640&arnumber=4768655>to >>>>>>>>>> check the permission lable. Which is the source code for this >>>>>>>>>> "reference >>>>>>>>>> monitor", or it's a vitual concept. I wonder to know which parts of >>>>>>>>>> source >>>>>>>>>> code dealing with this function. Thanks. >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> We described it more as a "virtual concept". There isn't code >>>>>>>>>> directly corresponding to a reference monitor, but the Activity >>>>>>>>>> Manager >>>>>>>>>> (frameworks/base/services/java/com/android/server/am/ActivityManagerService.java) >>>>>>>>>> is >>>>>>>>>> a good place to start looking. >>>>>>>>>> >>>>>>>>>> -Will >>>>>>>>>> >>>>>>>>>> -- >>>>>>>>>> William Enck >>>>>>>>>> PhD Candidate >>>>>>>>>> Department of Computer Science and Engineering >>>>>>>>>> The Pennsylvania State University >>>>>>>>>> [email protected] >>>>>>>>>> >>>>>>>>>> >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> Dianne Hackborn >>>>>>>> Android framework engineer >>>>>>>> [email protected] >>>>>>>> >>>>>>>> Note: please don't send private questions to me, as I don't have >>>>>>>> time to provide private support, and so won't reply to such e-mails. >>>>>>>> All >>>>>>>> such questions should be posted on public forums, where I and others >>>>>>>> can see >>>>>>>> and answer them. >>>>>>>> >>>>>>>> >>>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Dianne Hackborn >>>>>> Android framework engineer >>>>>> [email protected] >>>>>> >>>>>> Note: please don't send private questions to me, as I don't have time >>>>>> to provide private support, and so won't reply to such e-mails. All such >>>>>> questions should be posted on public forums, where I and others can see >>>>>> and >>>>>> answer them. >>>>>> >>>>>> >>>>> >>>> >>>> >>>> -- >>>> Dianne Hackborn >>>> Android framework engineer >>>> [email protected] >>>> >>>> Note: please don't send private questions to me, as I don't have time to >>>> provide private support, and so won't reply to such e-mails. All such >>>> questions should be posted on public forums, where I and others can see and >>>> answer them. >>>> >>>> >>> >> >> >> -- >> Dianne Hackborn >> Android framework engineer >> [email protected] >> >> Note: please don't send private questions to me, as I don't have time to >> provide private support, and so won't reply to such e-mails. All such >> questions should be posted on public forums, where I and others can see and >> answer them. >> >> > -- Dianne Hackborn Android framework engineer [email protected] Note: please don't send private questions to me, as I don't have time to provide private support, and so won't reply to such e-mails. All such questions should be posted on public forums, where I and others can see and answer them.
