Adding users for OEM native cod

by Dan Hein » Tue, 01 Sep 2009 14:41:35 GMT


Sponsored Links
 What if I want to add another oemuser, similar to "radio" such that I
can support neato_oem_widgit or neato_oem_daemon?  How do I do this in
Android such that I can better architect areas of code that need
privileged execution from those that do not, e.g. such as in the
following:


 http://nob.cs.ucdavis.edu/bishop/secprog/ 

 http://www.aquaphoenix.com/ref/gnu_c_library/libc_438.html 


I am currently running neato_oem_daemon as root.  I want to reduce its
privilege level to "oemuser", to better sandbox it, restrict the files
it can read/write, and give it it's own system properties,  etc.
However, reading the the current warnings about changing the AID list
in private/android_filesystem_config.h make it seem that adding such a
user is not possible.

What is the best way to do this (use setuid, restrict files for
oem_daemon, impart system properties to oem_daemon) in the bowls of
Android without messing up more widespread platform assumptions about
user IDs?

Thanks,
Dan



Adding users for OEM native cod

by JoelV » Wed, 02 Sep 2009 17:23:08 GMT


 Good question Dan, I had a similar one that I posted to the porting
forum a while back, see 


Sponsored Links


Adding users for OEM native cod

by Dianne Hackborn » Wed, 02 Sep 2009 19:07:07 GMT


 The only uids android uses as far as I know are those defined in the
filesystem header, and everything from 10000 and above for dynamically
assigning to applications.




> 



Adding users for OEM native cod

by Dan Hein » Wed, 02 Sep 2009 20:32:17 GMT


 Thanks Dianne.

I think what Joel and I are really asking is whether or not we can
submit a patch to files such as

system/core/include/private/android_filesystem_config.h
frameworks/base/cmds/servicemanager/service_manager.c

where we define a AID range for OEM use.  As Joel suggested, 9000-9100.

I think Joel and I want to follow best practices by running
'oem_widget' with least privilege and with proper confinement.

Joel,

If this suggestion goes anywhere, we'd probably want to make the range
even larger, just to be forward-looking.

Many thanks,
Dan





>> 



Adding users for OEM native cod

by Dianne Hackborn » Wed, 02 Sep 2009 21:24:52 GMT


 That would be fine with me.






> 



Adding users for OEM native cod

by JoelV » Thu, 03 Sep 2009 18:16:48 GMT


 Thanks Dianne, Dan. I'm fine with broadening the OEM ID range that we
allocate, although I suspect that we won't have too many cases for a
device/device family where we'd need more than 100.

-Joel




>



Adding users for OEM native cod

by Dianne Hackborn » Thu, 03 Sep 2009 21:28:14 GMT


 Yeah 100 is quite a lot. :)  We probably don't even have half that number
used by the full platform, even counting all of the dynamic IDs assigned to
each of the built-in .apks. ;)









-- 
Dianne Hackborn
Android framework engineer
hack...@android.com

Note: please don't send private questions to me, as I don't have time to
provide private support, and so won't reply to such e-mails.  All such
questions should be posted on public forums, where I and others can see and
answer them.



Adding users for OEM native cod

by Dan Hein » Fri, 04 Sep 2009 03:42:46 GMT


 The attached patches show what I'm thinking.






>



Other Threads

1. Updating UI from a timer

Hi,

I am new to Android development and have been working on a simple demo
app that needs to update a TextView a few times from an array after a
button is clicked.  I have read and adapted the code found here to
achieve this: 
http://developer.android.com/resources/articles/timed-ui-updates.html

However, I do not see any updates to my text view - here is my code:

        private TextView outputText;
        private String[] processes = null;
        private Handler updateHandler = new Handler();
        private int messageCounter;
        private Runnable setMessageTask = new Runnable() {
                public void run() {
                        outputText.setText(processes[messageCounter]);
                        if (messageCounter < 6) {
                                messageCounter++;
                                updateHandler.postAtTime(this, 1000);
                        }
                        else {
                                messageCounter = 5;
                        }
                }
        };

    public void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.main);
        Button b = (Button)findViewById(R.id.askQuestion);
        b.setOnClickListener(this);
        outputText = (TextView)findViewById(R.id.outputLabel);
        messageCounter = 5;
     }

    public void onClick(View v) {
        if (processes == null) {
                processes = new String[6];
                processes[0] = "msg 1";
                processes[1] = "msg 2";
                processes[2] = "msg 3";
                processes[3] = "msg 4";
                processes[4] = "msg 5";
                processes[5] = "msg 6";
        }
        TextView tv = (TextView)findViewById(R.id.outputLabel);
        AutoCompleteTextView input =
(AutoCompleteTextView)findViewById(R.id.questionField);
        input.setText("");
        tv.setText("");
        if (messageCounter == 5) {
                messageCounter = 0;
                updateHandler.removeCallbacks(setMessageTask);
                updateHandler.postDelayed(setMessageTask, 1000);
        }
     }


Can anyone here see what I am doing wrong?

-- 

2. disable bluetooth adapter

Is there a way to programatically disable Bluetooth adapter?  any pointer is
highly appreciated.

-- 

3. username and password for sample sync adapter

4. ddms is easy to hang

5. NativeStart.java

6. Problem ppp0 not use App(browser)

7. .classpath file missing