Tuesday, November 28, 2017

stock android - Why is the '/storage/emulated/' directory inaccessible?


The /storage directory and the /storage/emulated/0 directory are accessible in a non-rooted Android OS.
So, why is the /storage/emulated directory not accessible in a non-rooted Android OS?



Answer



On Android 6+, /storage is a mountpoint where tmpfs is (bind) mounted (from /mnt/runtime/default) with mode 0755, i.e. it's world-readable.


For every app, /storage/emulated is a bind mount in an isolated mount namespace, from /mnt/runtime/VIEW/emulated, which is an emulated/virtual filesystem from /data/media having mode 0711 and owner root. So the directory is only traversable, not readable, by non-root users, which includes all apps.


VIEW is one of read (for apps with permission.READ_EXTERNAL_STORAGE) or write (permission.WRITE_EXTERNAL_STORAGE) or default (for all other apps and processes running in root/global mount namespace i.e. outside zygote).


/storage/emulated/0 is traversable, readable or writeable to apps depending on the status of manifest permissions READ/WRITE_EXTERNAL_STORAGE.


These measures are a part of Android's app sandboxing approach for better isolation, security and privacy.



Related: What is /storage/emulated/0?
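The following is an added example, not part of the original answer: a small model of the Unix permission (DAC) check along the path, showing why an app can list /storage and /storage/emulated/0 but not /storage/emulated. The modes for /storage and /storage/emulated are the ones given in the answer; the mode and group of /storage/emulated/0, the app UID and the group id are constructed assumptions, and SELinux is not modelled.

```python
# Constructed model of the directory chain: path -> (mode, owner uid, group gid).
# 0755 and 0711 come from the answer; the /storage/emulated/0 entry is an
# assumption standing in for what an app with read access would see.
VIEW_GID = 9997  # assumed group id for apps granted storage access
TREE = {
    "/storage": (0o755, 0, 0),
    "/storage/emulated": (0o711, 0, 0),
    "/storage/emulated/0": (0o750, 0, VIEW_GID),
}

def perm_bits(mode, owner, group, uid, gids):
    """Return the rwx triplet (0-7) that applies to this caller."""
    if uid == owner:
        return (mode >> 6) & 7
    if group in gids:
        return (mode >> 3) & 7
    return mode & 7

def can(action, path, uid, gids, tree=TREE):
    """action is 'list' (needs r), 'traverse' (needs x) or 'write' (needs w)."""
    if uid == 0:
        return True  # root bypasses these mode checks
    # Reaching the target requires the search (x) bit on every ancestor.
    parts = path.strip("/").split("/")
    for i in range(1, len(parts)):
        ancestor = "/" + "/".join(parts[:i])
        if not perm_bits(*tree[ancestor], uid, gids) & 1:
            return False
    need = {"list": 4, "traverse": 1, "write": 2}[action]
    return bool(perm_bits(*tree[path], uid, gids) & need)

if __name__ == "__main__":
    app_uid, app_gids = 10123, {VIEW_GID}  # constructed app identity
    for path in TREE:
        print(path,
              "list:", can("list", path, app_uid, app_gids),
              "traverse:", can("traverse", path, app_uid, app_gids))
```

Mode 0711 on /storage/emulated leaves "others" with only the search bit, so path lookups through it succeed while reading its directory entries is denied.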

