The /storage directory and the /storage/emulated/0 directory are accessible in a non-rooted Android OS.
So, why is the /storage/emulated directory not accessible in a non-rooted Android OS?
Answer
On Android 6+ /storage is a mountpoint where tmpfs is (bind) mounted (from /mnt/runtime/default) with mode 0755, i.e. it's world-readable.
For every app /storage/emulated is a bind mount in an isolated mount namespace, from /mnt/runtime/VIEW/emulated which is an emulated/virtual filesystem from /data/media having mode 0711 and owner root. So the directory is only traversable, not readable by non-root users, that includes all apps.
VIEW is one of read (for apps with permission.READ_EXTERNAL_STORAGE) or write (permission.WRITE_EXTERNAL_STORAGE) or default (for all other apps and processes running in root/global mount namespace i.e. outside zygote).
/storage/emulated/0 is traversable, readable or writeable to apps depending on the status of manifest permissions READ/WRITE_EXTERNAL_STORAGE.
These measurements are a part of Android's app sandboxing approach for better isolation, security and privacy.
Related: What is /storage/emulated/0?
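Added example, not part of the original answer: a small model of the POSIX directory checks behind the behaviour described above, showing why a root-owned 0711 directory can be passed through but not listed by an app uid. The modes and owner of /storage and /storage/emulated come from the answer; the app uid, the gids, and the entries for / and /storage/emulated/0 are constructed sample values (on a device the last one depends on the mounted VIEW).

```python
# Constructed sample tree: path -> (mode, owner uid, group gid).
# Only the /storage and /storage/emulated modes and owner come from the answer.
TREE = {
    "/":                   (0o755, 0, 0),
    "/storage":            (0o755, 0, 0),
    "/storage/emulated":   (0o711, 0, 0),
    "/storage/emulated/0": (0o770, 0, 9997),   # assumed stand-in for a granted view
}

def dir_rights(entry, uid, gids):
    """Decode what one directory's mode bits allow for the caller."""
    mode, owner, group = entry
    if uid == 0:                      # root bypasses mode checks (simplified)
        bits = 0o7
    elif uid == owner:
        bits = (mode >> 6) & 0o7
    elif group in gids:
        bits = (mode >> 3) & 0o7
    else:
        bits = mode & 0o7
    return {
        "list": bool(bits & 4),            # r: read the names in the directory
        "traverse": bool(bits & 1),        # x: look up a name you already know
        "modify": (bits & 3) == 3,         # w+x: create or delete entries
    }

def parents(path):
    """Return every ancestor directory of path, starting at the root."""
    parts = path.strip("/").split("/")
    return ["/"] + ["/" + "/".join(parts[:i]) for i in range(1, len(parts))]

def can_list(path, uid, gids=()):
    """Model `ls path`: x on every ancestor, then r on the directory itself."""
    if not all(dir_rights(TREE[p], uid, gids)["traverse"] for p in parents(path)):
        return False
    return dir_rights(TREE[path], uid, gids)["list"]

if __name__ == "__main__":
    app_uid, app_gids = 10123, (9997,)     # hypothetical app identity
    for p in ("/storage", "/storage/emulated", "/storage/emulated/0"):
        print(p, "listable by app:", can_list(p, app_uid, app_gids))
```

On a device, the same facts can be checked from an unprivileged shell with ls -ld on each directory and by reading /proc/self/mountinfo for the bind-mount source.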