0

I would like to implement a file access control in the Android framework. It has to be global - for each app. So each file call (for example open an image) should be checked by this controller.

I thought to place it in the FileInputStream or FileDescriptor class. Both doesn't support direct access to the file path by them self: FileDescriptor no path variable and: InputStream no path. But, how it is mentioned in the other question, I will try to use a WeakHashMap<FileDescriptor,File> to store the relations and information about the called FileDescriptor/InputStream.

The Java Security Manager provides an authentication & access control api. My question is now, is it possible to use it (by using checkRead(FileDescriptor fd)) in the Android framework? I also want to have dynamic restriction-filter, for example time-dependent access to the files.

I can't find something about in combination so I didn't even know if it's implementable. Here (Java and Android Security) we can see only the separately advantages of them.

Community
  • 1
  • 1
Fabman22
  • 183
  • 12
  • "I would like to implement an file access control in the Android framework" -- are you implementing a custom ROM? – CommonsWare Mar 01 '17 at 16:51
  • Sorry, yes I do. I forgot to mention it. I downloaded the aosp-source code and build an image-file to run and test it for now with the emulator. – Fabman22 Mar 01 '17 at 19:26
  • Enforcing file access at the Java level misses things that bypass Java, such as NDK libraries and `WebView`. – CommonsWare Mar 01 '17 at 19:34
  • Oh I understand.... Does this mean I have to go deeper and edit the bionic library or do I have to go on kernel level to implement this access control? (Edit the read systemcall). – Fabman22 Mar 01 '17 at 20:09
  • That is outside of my area of expertise, sorry. – CommonsWare Mar 01 '17 at 20:09

0 Answers0