Of Stack

Android Multi User Details

  • 2021-12-13 17:17:12
  • OfStack
Directory Android Multiuser 1. Linux Users and Groups

Android Multiuser

1. Linux users and groups

Linux is a multi-user operating system, each user has a private space on the machine, especially it has a quota of disk space to store files and receive private mail messages. Linux must ensure that this part of private space is only visible to its owner (similar to a bank account, but only to the depositor himself), and should ensure that no user can use the system application to invade other users' private space (that is, of course, no one can use the funds in my bank account at will).

In the Linux operating system, all users pass the only one user ID (UID- > User ID). However, if you choose to share data with other users, the sharing user should be a member of one or more groups. This group ID (GID- > group ID) to identify (several people pay to set up a small company, this company name is GID, our money is a shared resource, which can be used and visible by everyone). Each file can be associated with an exact group. For example, the user who is the owner of the file has read and write permissions on the file, while other users in the group only have read permissions, and users in non-groups in the system have no permissions (unreadable, unwritable and unexecutable).

1. Super user:

In the Linux system, there is a special user- > Superuser (root), root users can do almost anything in Linux system, because OS does not take 1-like protection mechanism for it, root users can access every file on the system and manage every running user program.

2. Switching between ordinary users and super users

Enter the command on the Linux command line: su -, Then enter the password of root user to switch to root user, but it is recommended that under 1 general circumstances, do not use root user at will, because root user error will lead to system file loss and even system crash.

On traditional computers, UID follows "people" (such as users or users of computers). UID in Android is followed by "software" (e.g. Android application).
Since each application has an UID, you can only access the relevant data covered by the UID with this UID. Therefore, if the UID of AP-1 and AP-2 are different, neither party can read the other's data under the default (Default) condition. This divide-and-conquer method can reduce the malicious damage of hacker software to data and improve the security of mobile phones.
When the mobile phone user (i.e. User) downloads your (i.e. developer) application and installs (Install), Android will give an UID. This UID links to the contents of the application's AndroidManifest. xml file. So User can view the contents of this AndroidManifest. xml file in an on-screen window when you install your application. When viewing, the user will see your description of the purpose, permissions and so on of the application. Android installs the program and gives it an UID when you accept the program's intent and permission statement. The user will be alerted to Android if there is a breach (an attempt to do something outside the permission range) during the execution of your application.
There are some special cases where two applications can hold a sample UID. For example, an application written by the same developer often needs to release a new version. These two versions of the program can hold a sample UID before they have the authority to transfer the data copy generated by the old version of the program to the new version of the software.

Pid是进程ID , Uid是用户ID , but Android and computer are not the same, Each user of the computer has one Uid, Which user start program, Uid of this program is that user, and each program in Android has an Uid. By default, Android will assign each program an Uid with different common levels. If applications want to call each other, they can only be the same as Uid, which makes the shared data have a certain security, and each software can't get data at will. However, there is only one Uid with one application, so there is no access problem between Activity under application.

With regard to APPID UID userid, in the case of single user, appid is Uid, and in the case of multiple users, the new uid is recalculated through appid and userid 


public static int getUid(@UserIdInt int userId, @AppIdInt int appId) {
    if (MU_ENABLED) {


        return userId * PER_USER_RANGE + (appId % PER_USER_RANGE);
    } else {
        return appId;
    }
}

UserHandle Contains three concepts: userid,uid,appid

userid: It means how many actual users there are. For example, if my father is very poor and wants to share a mobile phone with his son, he can share two users with his mobile phone, user 0 and user 1. The application and data of the two users are independent. uid: Related to the application process. Except for the sharduid application, the uid for each application of each user is not the same. The uid of user 0's application starts from 10,000. appid: Related to app, appid with the same package name is one. Even for different users. For example, you and your son have installed WeChat on this mobile phone, but the appid of these two WeChat are the same. 

appid  The scope of is 
public static final int FIRST_APPLICATION_UID = 10000;
 
/**
 * Last of application-specific UIDs starting at
 * {@link #FIRST_APPLICATION_UID}.
 */
public static final int LAST_APPLICATION_UID = 19999;

For user group processes, UID like u0_a86. The first part of this UID represents userId, and the last part represents appId (the result of subtracting Process.FIRST_APPLICATION_UID). 


   //uid  You can't exceed the limit. Android  Right  UID  Classified and applied  APK  Of the process in which  UID  From  10000  At first, 
    // And the system  APK  Is in a process less than  10000
Related articles: