The system/priv app directory is mainly used to store system level applications customized by mobile phone manufacturers, such as phone app, settings app, systemui app, etc. these applications need system and permissions, but cannot be unloaded by users. This directory is a new partition in Android KitKat. Before KitKat, all apks in the system partition can use system permissions. This change enables mobile phone manufacturers to better control the access of bundled software to sensitive permissions. When mobile phone manufacturers customize some system software, the software also needs to add SELinux policy to priv app. Of course, there are other ways for applications to obtain system permissions. Add them to the Android manifest. XML file android:sharedUserId= “Android. Uid. Sysytem” and add a system signature to the APK. For example, Xiaomi mobile phone needs to add Xiaomi’s system permissions to the APK
In fact, from the perspective of security, Google doesn’t want the system/APP/applications that use WebView controls to have system permissions, such as chrome, which has always been a favorite attack point for hackers, so Google will check whether the applications that use WebView controls have system permissions in code power. Paste a code:
194 static WebViewFactoryProvider getProvider() {
195 synchronized (sProviderLock) {
196 // For now the main purpose of this function (and the factory abstraction) is to keep
197 // us honest and minimize usage of WebView internals when binding the proxy.
198 if (sProviderInstance != null) return sProviderInstance;
199
200 final int uid = android.os.Process.myUid();
201 if (uid == android.os.Process.ROOT_UID || uid == android.os.Process.SYSTEM_UID
202 || uid == android.os.Process.PHONE_UID || uid == android.os.Process.NFC_UID
203 || uid == android.os.Process.BLUETOOTH_UID) {
204 throw new UnsupportedOperationException(
205 "For security reasons, WebView is not allowed in privileged processes");
206 }
Note that the processes marked in yellow have system privileges.
These are the special features of the system/priv-app/ partition.
Similar Posts:
- [Solved] Android O Error: Error inflating class android.webkit.WebView/For security reasons, WebView is not allowed in privileged processes
- How to connect Android mobile phone with ADB & reasons and solutions of unable to connect to 192.168.1.100:5555
- Android studio can’t find the emulator and can’t connect to the mobile phone. Prompt adb.exe start server ‘failed — run manually if necessary
- Google service framework and installation method and Google play error resolution!!
- Download the APK installation file of the free app directly from the Google play store
- Obnoxious permission denied: how does ADB handle permission denied when accessing mobile directory
- adb server version (31) doesn’t match this client (41); killing…
- Session ‘app’: Error Installing APK
- [Solved] Android ADB server didn’t ACK * failed to start daemon *
- Wechat applet decrypts encrypteddata error: pad block corrupted solution