Adding users for OEM native cod

by Dan Hein » Tue, 01 Sep 2009 14:41:35 GMT

Sponsored Links
 What if I want to add another oemuser, similar to "radio" such that I
can support neato_oem_widgit or neato_oem_daemon?  How do I do this in
Android such that I can better architect areas of code that need
privileged execution from those that do not, e.g. such as in the

I am currently running neato_oem_daemon as root.  I want to reduce its
privilege level to "oemuser", to better sandbox it, restrict the files
it can read/write, and give it it's own system properties,  etc.
However, reading the the current warnings about changing the AID list
in private/android_filesystem_config.h make it seem that adding such a
user is not possible.

What is the best way to do this (use setuid, restrict files for
oem_daemon, impart system properties to oem_daemon) in the bowls of
Android without messing up more widespread platform assumptions about
user IDs?


Adding users for OEM native cod

by JoelV » Wed, 02 Sep 2009 17:23:08 GMT

 Good question Dan, I had a similar one that I posted to the porting
forum a while back, see 

Sponsored Links

Adding users for OEM native cod

by Dianne Hackborn » Wed, 02 Sep 2009 19:07:07 GMT

 The only uids android uses as far as I know are those defined in the
filesystem header, and everything from 10000 and above for dynamically
assigning to applications.


Adding users for OEM native cod

by Dan Hein » Wed, 02 Sep 2009 20:32:17 GMT

 Thanks Dianne.

I think what Joel and I are really asking is whether or not we can
submit a patch to files such as


where we define a AID range for OEM use.  As Joel suggested, 9000-9100.

I think Joel and I want to follow best practices by running
'oem_widget' with least privilege and with proper confinement.


If this suggestion goes anywhere, we'd probably want to make the range
even larger, just to be forward-looking.

Many thanks,


Adding users for OEM native cod

by Dianne Hackborn » Wed, 02 Sep 2009 21:24:52 GMT

 That would be fine with me.


Adding users for OEM native cod

by JoelV » Thu, 03 Sep 2009 18:16:48 GMT

 Thanks Dianne, Dan. I'm fine with broadening the OEM ID range that we
allocate, although I suspect that we won't have too many cases for a
device/device family where we'd need more than 100.



Adding users for OEM native cod

by Dianne Hackborn » Thu, 03 Sep 2009 21:28:14 GMT

 Yeah 100 is quite a lot. :)  We probably don't even have half that number
used by the full platform, even counting all of the dynamic IDs assigned to
each of the built-in .apks. ;)

Dianne Hackborn
Android framework engineer

Note: please don't send private questions to me, as I don't have time to
provide private support, and so won't reply to such e-mails.  All such
questions should be posted on public forums, where I and others can see and
answer them.

Adding users for OEM native cod

by Dan Hein » Fri, 04 Sep 2009 03:42:46 GMT

 The attached patches show what I'm thinking.


Other Threads

1. Sprint 4G Evo phone


Sprint has announced a 4G phone... as far as I can tell it will run
WiMAX on Android 2.1

So where are the TelephonyManager phonetype, signalstrengh, cell
location et al. ? Or is this an HTC customization of Android we won't
see elsewhere ? After all there are some cupcake builds with CDMA...



2. Download a file from a URL extremely slow, am I doing it right?

I'm currently testing whether reading the entire file into memory,
then doing one write is faster.  So far it seems to be only slightly
faster (still downloading).  I suspect the BufferedOutputStream
eliminates this optimization's value, and probably is safer than
allocating a large ~7MB block of memory.

I tried to run my app without the de{*filter*} but haven't yet figured out
how to do that.  When I disconnect the device from the USB and then
run it from the phone it just comes up saying "Waiting for de{*filter*}",
haven't had the chance yet to figure out how to make it no longer wait
for the de{*filter*} to connect.  I'll try that know and let you know my




3. Apps not shown in 2.1 Market

4. Being legally harassed, by a large iPhone developer

5. Is this the limitation of Intent.ACTION_SEND

6. Download a file from a URL extremely slow, am I doing it right?

7. Did Google really remove the ability to call the CropImage activity from Android 2.x apps?