Reputation: 1138
Classes for Permission Checks Android
I am trying to understand the native Android Code Base. I would like to know the part of the code where permissions are checked. For eg if I want to send an SMS, I need the function : public void sendDataMessage (String destinationAddress, String scAddress, short destinationPort, byte[] data, PendingIntent sentIntent, PendingIntent deliveryIntent) Together with this I need to declare the permission SEND_SMS in the Android Manifest. If I dont declare the permission, I get a security Exception. But I didn't find this part in the code in the SmsManager.java. This is the function:
public void sendDataMessage(
String destinationAddress, String scAddress, short destinationPort,
byte[] data, PendingIntent sentIntent, PendingIntent deliveryIntent) {
if (TextUtils.isEmpty(destinationAddress)) {
throw new IllegalArgumentException("Invalid destinationAddress");
}
if (data == null || data.length == 0) {
throw new IllegalArgumentException("Invalid message data");
}
try {
ISms iccISms = getISmsServiceOrThrow();
iccISms.sendDataForSubscriber(getSubscriptionId(), ActivityThread.currentPackageName(),
destinationAddress, scAddress, destinationPort & 0xFFFF,
data, sentIntent, deliveryIntent);
} catch (RemoteException ex) {
// ignore it
}
}
So where exactly are the permissions checked. I am looking for the part of the code where before sending the SMS, Android checks for the SEND_SMS permission. I was expecting a call to various permission Check functions in the PackageManager but it is not the case. I found a few similar questions here where they talk about how the packages are linked to linux users. But I would like to go through the code where it is precisely checked.
Upvotes: 1
Views: 249
Answers (1)
Reputation: 1318
The sendTextMessage() method instantiates an ISms object. It then calls the sendText() method defined in the interface.
ISms iccISms = ISms.Stub.asInterface(ServiceManager.getService("isms"));
if (iccISms != null) {
iccISms.sendText(destinationAddress, scAddress, text, sentIntent, deliveryIntent);
}
here ISms is an interface. so the object returned by getService() method must be implementing this interface. Luckily only two classes extend this interface. The first being IccSmsInterfaceManager and the other being IccSmsInterfaceManagerProxy (I ignored this one).
The IccSmsInterfaceManager class can be found in '/frameworks/base/telephony/java/com/android/internal/telephony/IccSmsInterfaceManager.java'. The sendText() method of this class performs the permission check which is our point of interest.
mPhone.getContext().enforceCallingPermission(
"android.permission.SEND_SMS",
"Sending SMS message");
this enforceCallingPermission call ultimately lands up in the PackageManager through following classes,
context-> ActivityManager -> PackageManagerService
Source:Chasing Android System Calls Down The Rabbit Hole , last accessed: jul 20, 2016
Upvotes: 1
Related Questions
- How do I avoid checking for nulls in Java?
- How can I close/hide the Android soft keyboard programmatically?
- How to stop EditText from gaining focus when an activity starts in Android?
- Proper use cases for Android UserManager.isUserAGoat()?
- Why is the Android emulator so slow? How can we speed up the Android emulator?
- Why is char[] preferred over String for passwords?
- What is 'Context' on Android?
- How do I test a class that has private methods, fields or inner classes?
- Is there a unique Android device ID?