Comments (13)
That would be a good idea!
Implemented. Default app ops will be shown by default, you have to use the corresponding option to toggle the list. This option will be stored in the app preferences.
from appmanager.
thank you!
from appmanager.
The current idea is to use a hybrid method: Parsing appops.xml
for fetching Op information and setting informatioon via appops
util. However, extactly when this xml file is modified is a question.
from appmanager.
On appops.xml
Latest appops.xml
has the following format: (This DTD is made by me and by no means perfect, has compatibility issues)
<!DOCTYPE app-ops [
<!ELEMENT app-ops (uid|pkg)*>
<!ATTLIST app-ops v CDATA #IMPLIED>
<!ELEMENT uid (op)*>
<!ATTLIST uid n CDATA #REQUIRED>
<!ELEMENT pkg (uid)*>
<!ATTLIST pkg n CDATA #REQUIRED>
<!ELEMENT uid (op)*>
<!ATTLIST uid
n CDATA #REQUIRED
p CDATA #IMPLIED>
<!ELEMENT op (st)*>
<!ATTLIST op
n CDATA #REQUIRED
m CDATA #REQUIRED>
<!ELEMENT st EMPTY>
<!ATTLIST st
n CDATA #REQUIRED
t CDATA #IMPLIED
r CDATA #IMPLIED
d CDATA #IMPLIED
pp CDATA #IMPLIED
pu CDATA #IMPLIED>
]>
The instructions below follows the exact order given above:
app-ops
: The root element. It can contain any number ofpkg
or packageuid
v
: (optional, integer) The version number (default:NO_VERSION
or-1
)
pkg
: Stores package info. It can contain any number ofuid
n
: (required, string) Name of the package
- Package
uid
: Stores package or packages infon
: (required, integer) The user ID
uid
: The package user ID. It can contain any number ofop
n
: (required, integer) The user IDp
: (optional, boolean) Is the app is a private/system app
op
: The operation, can containst
or nothing at alln
: (required, integer) The op name in integer, ie. AppOpsManager.OP_*m
: (required, integer) The op mode, ie. AppOpsManager.MODE_*
st
: State of operation: whether the operation is accessed, rejected or runningn
: (required, long) Key containing flags and uidt
: (optional, long) Access time (default:0
)r
: (optional, long) Reject time (default:0
)d
: (optional, long) Access duration (default:0
)pp
: (optional, string) Proxy package namepu
: (optional, integer) Proxy package uid
This definition can be found at com.android.server.appop.AppOpsService.java
.
EDIT: The tag st
is probably not available in old version of Android. But this isn't a problem since we're only interested in getting Ops.
from appmanager.
Parsing appops
to get app ops
appops
tool can be accessed via adb or using root. We'll parse the value of this command in order to get the op values we need.
Relevant command:
appops get <package-name> [<op-name>]
Parsing the command: (stdout only)
- Empty output: Denotes an error. The exit values should be less than 0.
No operations.
: The app has no operation and exit value is 0. There may be another line describingDefault mode: <mode-name>
) depending on whether<op-name>
is given- The output containing op name and mode name with exit value 0. Each line has the following format: (Conventional shell format)
[Uid mode: ]<op-name>: <mode-name>[; time=<time> ago][; rejectTime=<time> ago][ (running)][; duration=<time>]
Where:
<op-name>
is the name of the op. Currently, there's no way to convert op-name to op value without implementing some new function (a working example iscom.android.server.appop.AppOpsService.Shell#strOpToOp(String, PrintWriter)
) but the opposite conversion can be done viaandroid.app.AppOpsManager#opToName(int)
.<mode-name>
is the name of the mode. Like<op-name>
there's no way to convert mode names to mode values by default but possible through implementing some new function (a working example iscom.android.server.appop.AppOpsService.Shell#strModeToMode(String, PrintWriter)
) but the opposite conversion can be done viaandroid.app.AppOpsManager#modeToName(int)
<time>
is a formatted time and described inandroid.util.TimeUtils#formatDurationLocked(long, 0)
. The format is given in summary below: (regex format)Here,^(\s*0|(\+|-)(\d+d)?(\d{1,2}h)?(\d{1,2}m)?(\d{1,2}s)?\d{1,3}ms)$
d
=days,h
=hours,m
=minutes,s
=seconds andms
=milliseconds.
EDIT: Regex to parse a single line:
(?:Uid mode: )?(\w+): (\w+)(?:; time=(?:\s*0|([+\-])(\d+d)?(\d{1,2}h)?(\d{1,2}m)?(\d{1,2}s)?(\d{1,3}m))s ago)?(?:; rejectTime=(?:\s*0|([+\-])(\d+d)?(\d{1,2}h)?(\d{1,2}m)?(\d{1,2}s)?(\d{1,3}m))s ago)?( \(running\))?(?:; duration=(?:\s*0|([+\-])(\d+d)?(\d{1,2}h)?(\d{1,2}m)?(\d{1,2}s)?(\d{1,3}m))s)?
Capture groups:
- 1: op-name
- 2: mode-name
- 3-8: time
- 9-14: rejectTime
- 15: running
- 16-21: duration
from appmanager.
Using appops
to set app ops
Relevant command: (definition of these names are described above)
appops set <package-name> <op-name> <mode-name>
Parsing the command: (stderr only)
- Empty output: Denotes success or failure. If success, the exit value is 0, otherwise less than 0.
Error: Package name not specified.
: This output with exit value-1
denotes no package name was specifiedError: Operation not specified.
: This output with exit value-1
denotes no operation was specifiedError: No UID for <package-name> in user <user-id>
: This output with exit value-1
denotes that the package name doesn't exist for the given userError: Mode not specified.
: This output with exit value-1
denotes no mode was specifiedError: Mode <mode-name> is not valid
: This output with exit value-1
denotes that the given mode was invalid
Beaware that the exit status 0 does not necessarily mean that the mode is applied. You need to run appops get <package-name> <op-name>
(which gives results like in the previous discussion) and parse the output to make sure.
from appmanager.
Code reference to the above tutorial: com.android.server.appop.AppOpsService.Shell#onShellCommand(Shell, String)
from appmanager.
Creating AppOpsService class
com.android.server.appop.AppOpsService
is a special class which extends com.android.internal.app.IAppOpsService.Stub
(it's there but not included in the source). But we don't need all of the features. In fact, we'll do a simple class with only a few public methods. An example interface is given below:
package io.github.muntashirakon.AppManager.appops;
interface IAppOpsService {
int checkOperation(int code, int uid, String packageName);
List<AppOpsManager.PackageOps> getOpsForPackage(int uid, String packageName, int[] ops);
void setMode(int code, int uid, String packageName, int mode);
void resetAllModes(int reqUserId, String reqPackageName);
}
As seen in the last method, it is probably needed to parse user id as well but currently we'll only use the user ID 0. To get user IDs, we can simply parse /data/system/users/userslist.xml
.
EDIT: Detailed implementation is added in e3df598.
from appmanager.
Maybe I'm wrong, but that function seems to be bugged.
Look at that comparison:
These are the permissions that the Look4Sat application needs, according to App Opps (Shizuku working mode):
Screenshot
AppManager shows a completely different list, with many permissions that the app does not use or request:
from appmanager.
AppManager shows a completely different list, with many permissions that the app does not use or request:
Obviously. Android allows many operations by default and you want to disable them too, not just the one's that has been modified. For instance, if requested, all apps can RUN_IN_BACKGROUND
anytime they want either using the system alarm service or broadcast receiver or even a constantly running high priority service that the OS won't be killing even in battery saving mode. Even my list is not perfect as there might be other operations that might be allowed by default which I'm not currently aware of (every vendor modifies that section a lot).
from appmanager.
your explanation about the RUN_IN_BACKGROUND
permission makes sense, but there are others the application won't use, like the camera one. In the android settings, it only lists the location as needed.
Having that many permissions to manage for each app generates additional work for the user that is not needed.
from appmanager.
there are others the application won't use
Excuse me, but who told you that these operations won't be utilised by the app? I mean, do you trust the developer? The developer, maybe, will supply you an update one day which utilises this feature or they could just send sensitive info collected using these already allowed operations as a crash report or something.
Having that many permissions to manage for each app generates additional work for the user that is not needed.
Most permissions are now just wrappers around operations. Then there are normal permissions that are granted by default and, hence, is not listed in the permissions section in Settings. Hence, you'll never know unless you cared to look at the whole manifest (not just uses-permissions
or permissions
as they can be specific to activity as well).
What I can do, however, is that include a filter button in the app ops menu where you can only filter currently allowed app ops and another to exclude already denied app ops. Nothing more than these. I don't want users get the illusion that denying only these permissions will make that app safe to use.
from appmanager.
The developer, maybe, will supply you an update one day which utilises this feature or they could just send sensitive info collected using these already allowed operations as a crash report or something.
In the case I showed (about the camera), if the developer updates the app asking for this new permission, the user will receive a notification when opening the app asking whether or not this new permission is confirmed.
About the other permissions that android doesn't ask the user for, what you said really makes sense.
What I can do, however, is that include a filter button in the app ops menu where you can only filter currently allowed app ops and another to exclude already denied app ops
That would be a good idea!
from appmanager.
Related Issues (20)
- Unable to change apps' components HOT 8
- Plans for 4.0.0-alpha3 ?? Locked out of 4.0.0.alpha 2 HOT 2
- Export/Import from AndroidKeyStore HOT 3
- App Details page UX improvements HOT 2
- App manager doesn't run if you relaunch it. HOT 5
- A while ago I could use AM in adb mode when I was not on wifi but not anymore which sucks so bad HOT 3
- io.github.muntashirakon.widget.AppBarLayout cannot be cast to java.lang.Object[] HOT 1
- Providers minor UI changes HOT 1
- Cannot open via root HOT 2
- A dedicated screen for installing apps HOT 5
- "Backed up first" sort to list more recently backed up apps first HOT 2
- Failure when installing AppList Detector. HOT 2
- unable to ban the sensor HOT 3
- How to use adb to revoke WRITE_SMS 'App Op' from an application? HOT 3
- Apk share HOT 2
- FILTER_FROZEN_APPS not list all frozen apps HOT 2
- without splits filter HOT 1
- JSON format for exporting app list HOT 2
- Ability to convert/revert a normal app into a system app HOT 1
- Ability to set custom description for permissions HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from appmanager.