1

I am stuck writing some code that uses reflection that calls IConnectivityManager.startLegacyVpn

The error I get is java.lang.SecurityException: Unauthorized Caller

Looking through the android source I see this is the code hanging me up:

if (Binder.getCallingUid() != Process.SYSTEM_UID) { raise the above exception }

My question is if I root my AVD and install my app in system/app will this be sufficient to get around this error?

If so, any tips on how to do this (every time I try to move my apk to the system/app folder it says the app is not installed when I click on the app icon.

Thanks!

user1588070
  • 11
  • 3
  • As to why it says the app is not installed, I think it may need to have 0644 permissions? – Aaron Aug 30 '12 at 22:36

3 Answers3

2

I have the same problem, following android 4.01 open source, i see somethings like this:

public synchronized LegacyVpnInfo getLegacyVpnInfo() {
    // Only system user can call this method.

    if (Binder.getCallingUid() != Process.SYSTEM_UID) {
        throw new SecurityException("Unauthorized Caller");
    }
    return (mLegacyVpnRunner == null) ? null : mLegacyVpnRunner.getInfo();
}

Or, 

// Only system user can revoke a package.
if (Binder.getCallingUid() != Process.SYSTEM_UID) {
    throw new SecurityException("Unauthorized Caller");
}

Or, 

public void protect(ParcelFileDescriptor socket, String interfaze) throws Exception {
    PackageManager pm = mContext.getPackageManager();

    ApplicationInfo app = pm.getApplicationInfo(mPackage, 0);

    if (Binder.getCallingUid() != app.uid) {
        throw new SecurityException("Unauthorized Caller");
    }

    jniProtect(socket.getFd(), interfaze);
}

However, these block of code above is belongs to com.android.server.connectivity.Vpn

(class Vpn), which is not defined in interface IConnectivityManager.

I also find in startLegacyVpnInfo() function but i can't see anything involve exception

"Unauthorized Caller", so i wonder why startLegacyVpnInfo() function throws this exception?

Any solutions for this?

Jake1164
  • 12,291
  • 6
  • 47
  • 64
Binh Le
  • 81
  • 5
0

I am trying to make the same calls. So far I can confirm that rooting the device and copying the apk to /system/app does not work, it does not start under the system uid.

Also, this does not work:

Field uidField = Process.class.getDeclaredField("SYSTEM_UID");
uidField.setAccessible(true);
uidField.set(null, Process.myUid());

Those calls succeed, but they don't seem to affect the SYSTEM_UID field, the field is probably optimized out at compile time.

Aaron
  • 1,141
  • 1
  • 11
  • 21
0

If you include android: sharedUserId="android.uid.system" into your manifest tag (not just the manifest), this should then run the application as system. This should now let you run the code.

As for pushing to /system/app, you need to run adb root followed by adb remount. This will now let you push to /system/app.

Woodi_333
  • 479
  • 2
  • 7