CN103826215B - A kind of method and apparatus for carrying out Root authority management on the terminal device - Google Patents

A kind of method and apparatus for carrying out Root authority management on the terminal device Download PDF

Info

Publication number
CN103826215B
CN103826215B CN201410048020.6A CN201410048020A CN103826215B CN 103826215 B CN103826215 B CN 103826215B CN 201410048020 A CN201410048020 A CN 201410048020A CN 103826215 B CN103826215 B CN 103826215B
Authority
CN
China
Prior art keywords
calling
root authority
module
authority
communication service
Prior art date
Application number
CN201410048020.6A
Other languages
Chinese (zh)
Other versions
CN103826215A (en
Inventor
雷宇
张勇
Original Assignee
北京奇虎科技有限公司
奇智软件(北京)有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 北京奇虎科技有限公司, 奇智软件(北京)有限公司 filed Critical 北京奇虎科技有限公司
Priority to CN201410048020.6A priority Critical patent/CN103826215B/en
Publication of CN103826215A publication Critical patent/CN103826215A/en
Application granted granted Critical
Publication of CN103826215B publication Critical patent/CN103826215B/en

Links

Abstract

The invention discloses a kind of method and apparatus for carrying out root authority management on the terminal device;Wherein, this method includes:Root authority is sent to system and obtains request, and obtains the root authority that the system is authorized;Start the service processes with root authority, communication service process is inserted by the process in systems;After the operation requests that other calling process are sent are received by the communication service process, the service processes with root authority are sent this request to;After performing the operation using the service processes with root authority, pass through the communication service progress feedback operating result to other described calling process.It using methods and apparatus of the present invention, can effectively avoid because root authority is used or disabled brought operation failure, and then substantially increase the efficiency of data communication.

Description

A kind of method and apparatus for carrying out Root authority management on the terminal device

Technical field

The present invention relates to the technical field of mobile communication, and in particular to a kind of side of the management of Root authority on the terminal device Method and device.

Background technology

With the development of mobile communication technology, various intelligent mobile terminals are also increasingly popularized;And current mobile terminal Equipment is typically all to limit user right, that is, is divided into user right and Root(Root)Authority;Root authority is System Privileges One kind, with System(System)Authority can be understood as a concept;Root authority is whole mobile terminal system highest authority, A process can be started or stoped, deletes or increases user, increase or disabling hardware etc..

But due to various, in general mobile terminal device does not assign user's Root authority, and this is just Lead to not delete some preset applications, if while thinking installing or unloading application and program etc., each behaviour on mobile terminals When being required for system application Root authority, but applying for Root authority every time, it may be used due to other application Root authority and cause this time operation can not obtain the Root authority, and then cause to install or the operation failure such as delete;Also, such as Fruit user is provided with disabling Root authority forever, then the function of existing numerous application programs can all be lost at present, so as to influence The data-handling efficiency of intelligent mobile terminal.

The content of the invention

In view of the above problems, it is proposed that the present invention so as to provide one kind overcome above mentioned problem or at least in part solve on State a kind of method of management of Root authority on the terminal device of problem and a kind of corresponding Root authority pipe on the terminal device The device of reason.

According to one aspect of the present invention, there is provided a kind of method of the management of Root authority on the terminal device, including:To System sends Root authority and obtains request, and obtains the Root authority that the system is authorized;Start the service with Root authority Process, communication service process is inserted by the process in systems;Other calling process are received by the communication service process After the operation requests of transmission, the service processes with Root authority are sent this request to;There is Root power using described After the service processes of limit perform the operation, by the communication service progress feedback operating result to described other call into Journey.

Preferably, this method also includes:After the operation requests of the communication service process forwarding are received, described in judgement Whether other calling process possess the operating right, if it is, performing the operation.

Preferably, whether other calling process described in the judgement possess the operating right and include:Inquiry it is described other Whether calling process possesses private key signature, if possessed, extracts the private key signature, and described has Root with default The private key signature of the service processes of authority is compared, if comparison result is consistent, it is determined that other described calling process possess The operating right.

Preferably, whether other calling process described in the judgement possess the operating right and include:Extraction it is described other User's mark of calling process and process identification (PID);Utilize the user's mark and process identification (PID) search system of other calling process Permissions list, and according to search result determine described in other calling process operating right.

Preferably, it is described to comprise at least following any one party using the service processes execution operation with Root authority Formula:Unload preset application, installation or unloading application program, backup or reduce application data, enable or disable application program.

Preferably, this method also includes:Completed using the communication service process logical between other calling process and system Letter;The authority of the communication service process is higher than other described calling process authorities.

According to another aspect of the present invention, there is provided a kind of device of the management of Root authority on the terminal device, including:Obtain Take unit, insertion unit, communication unit and processing unit;Wherein, the acquiring unit is suitable to obtain to system transmission Root authority Request is taken, and obtains the Root authority that the system is authorized;The insertion unit is suitable to when the acquiring unit gets Root After authority, start the service processes with Root authority, and communication service process is inserted by the process in systems;It is described logical Letter unit is suitable to the operation requests for receiving other calling process by the communication service process that the insertion unit inserts and sending, and Send this request to the service processes with Root authority;The processing unit is suitable to utilize the insertion unit starting Service processes with Root authority perform the operation after, by the communication service progress feedback operating result to described Other calling process.

Preferably, the processing unit includes:Judge module and indicating module;Wherein, the judge module is suitable to connecing After the operation requests for receiving communication unit forwarding, judge whether other described calling process possess the operating right;The finger Show that module is suitable to the judged result for obtaining the judge module, and after other described calling process possess the operating right, Perform the operation.

Preferably, the judge module includes:Enquiry module and comparing module;Wherein, the enquiry module is suitable to inquiry Whether other described calling process possess private key signature, and Query Result is notified to the comparing module;The comparing module Suitable for receiving the Query Result of the enquiry module, and extract the private key signature with it is default described with Root authority The private key signature of service processes is compared, if comparison result is consistent, it is determined that other described calling process possess the behaviour Make authority.

Preferably, the judge module includes:Extraction module and search module;Wherein, the extraction module is suitable to extraction User's mark of other calling process and process identification (PID);The search module is suitable to what is extracted using the extraction module The user's mark and process identification (PID) search system permissions list of other calling process, and other tune according to determining search result With the operating right of process.

After the embodiment of the present invention is by obtaining system Root authority, start the service processes with Root authority and to system The middle communication service process inserted for communication, you can make other calling process to repeat application Root when performing corresponding operating Authority, and corresponding operating can be performed by the service processes with Root authority of startup, effectively avoid because Root is weighed Limit is used or disabled brought operation failure, and then substantially increases the efficiency of data communication.

Described above is only the general introduction of technical solution of the present invention, in order to better understand the technological means of the present invention, And can be practiced according to the content of specification, and in order to allow above and other objects of the present invention, feature and advantage can Become apparent, below especially exemplified by the embodiment of the present invention.

Brief description of the drawings

By reading the detailed description of hereafter preferred embodiment, it is various other the advantages of and benefit it is common for this area Technical staff will be clear understanding.Accompanying drawing is only used for showing the purpose of preferred embodiment, and is not considered as to the present invention Limitation.And in whole accompanying drawing, identical part is denoted by the same reference numerals.In the accompanying drawings:

Fig. 1 shows a kind of method flow schematic diagram of management of Root authority on the terminal device of the embodiment of the present invention;

Fig. 2 shows the method flow signal of another Root authority management on the terminal device of the embodiment of the present invention Figure;

Fig. 3 shows a kind of apparatus structure schematic diagram of management of Root authority on the terminal device of the embodiment of the present invention.

Embodiment

The exemplary embodiment of the disclosure is more fully described below with reference to accompanying drawings.Although the disclosure is shown in accompanying drawing Exemplary embodiment, it being understood, however, that can in a variety of manners the disclosure without should be limited by embodiments set forth here System.On the contrary, these embodiments are provided to facilitate a more thoroughly understanding of the present invention, and can be complete by the scope of the present disclosure Be communicated to those skilled in the art.

Reference picture 1, show a kind of side of management of Root authority on the terminal device according to an embodiment of the invention The step flow chart of method embodiment 1, specifically may include steps of:

Step 110:Root authority is sent to system and obtains request, and obtains the Root authority that the system is authorized;

It is well known that Root authority refers to Unix type operating systems(Including Linux)System manager's authority, be similar to Windows(Form)Administrator in system(Keeper)Authority;Root authority can access and change the shifting of user Almost all of file in dynamic equipment(Android system file and user file, not including ROM).But due to mobile at present Management of the terminal system for Root authority is strict, and most applications or program do not possess Root power under normal circumstances Limit, therefore can not just be performed for some operations for needing to have Root authority, such as the operation such as installation or unloading application;Together When, such operation calls process is required for when performing corresponding operating every time to system application Root authority, but if now other Application process is used Root authority and carries out associative operation, then the Root authority application of this calling process i.e. can not;What is more, If user is provided with the operation of disabling Root authority in systems, related calling process i.e. can not associative operation.Based on this, The present embodiment proposes only to need to send a Root authority acquisition request to system, can specifically pass through the SU built in calling system (Super User, power user)Order obtains Root authority, or obtains Root by obtaining the shell with Root authority Authority and the launching process in shell, then after the Root authority mandate of the system is obtained, you can make other follow-up calling Without repeating application Root authority when process need to perform associative operation;Specific Root authority acquisition process can refer to prior art Root authority call function, the present embodiment will not be repeated here.

Step 120:Start the service processes with Root authority, communication service is inserted by the process in systems and entered Journey;

Specifically, after the Root authority for the system that gets, associative operation is performed for the ease of other follow-up calling process Root authority obtain power, the present embodiment proposes to start the service processes with Root authority first, and has Root power by this The service processes of limit insert new demand servicing process, hereinafter referred to as communication service process in systems, such as can call letter by system Number ServiceManager.addService carrys out insertion operation;Although not allowing for being optionally plugged into service processes in existing system, But the communication service can be inserted in systems due to the foregoing Root authority for having got system, therefore using existing function Process.

It should be noted that utilize the Root after service processes with Root authority are started in the present embodiment Service processes can be in following several operations any one, but be not limited thereto, including:Perform preset application unloading, The installation or unloading of execution application program, the backup for performing application data or reduction, perform enabling or disabling for application program; Meanwhile the communication service process inserted in systems in the present embodiment is preferably to have system service process-level, its authority is high In the authority of other calling process, and using the communication service process as communication infrastructure, provide communication for other calling process and protect Barrier, the communication connection between system and other calling process.

Step 130:After the operation requests that other calling process are sent are received by the communication service process, this is asked Send to the service processes with Root authority;

In actual application, when other calling process need to perform corresponding operating, it can enter to the communication service Journey sends operation requests, and the method for the present embodiment can receive the operation requests by communication service process, then should Operation requests are sent to the service processes with Root authority;Due to the communication service process as other calling process with being The communication infrastructure of system, and data communication therebetween, therefore other described calling process are without again to system application Root Authority, the operation requests are forwarded to by the service processes with Root authority by the communication service process.

Step 140:After performing the operation using the service processes with Root authority, pass through the communication service Progress feedback operating result is to other described calling process.

Specifically, weighed when being forwarded to the operation requests of other calling process by the communication service process with Root After the service processes of limit, the service processes with Root authority can perform the corresponding operating, then again by operating result Other described calling process are given by the communication service progress feedback, so as to so that other calling process need not be to system Shen Please the i.e. executable corresponding operation of Root authority;Specifically, the order to be communicated between process and parameter can patrol according to business Collect to determine, the present embodiment will not be repeated here.

It is worth noting that, on the basis of above-described embodiment, the present embodiment also proposed another kind on the terminal device The method of Root authority management, this method and above method step are basically identical, and difference is in step 130 and step Also include between 140:

Step 150:Judge whether other described calling process possess the operating right, if it is, performing step 140; Otherwise, end operation.

Specifically, the present embodiment proposition can be by any one following mode come the judgement of operating right, but do not limit to In this:

A, identical private key can be set for some calling process and the service processes with Root authority in advance in systems Signature, it can only be performed there is provided the calling process of private key signature by the service processes with Root authority corresponding Operation;Therefore, after the operation requests of the communication service process forwarding are received, inquire about whether other calling process have first Standby private key signature, if possessed, extract the private key signature and with the private of the default service processes with Root authority Key signature is compared, if the two is consistent, can determine that current calling process has corresponding operating authority;If it is described other Calling process does not possess private key signature or private key signature and the private key signature of the service processes with Root authority is inconsistent, It then can determine that current calling process does not possess corresponding operating authority.

B, for mobile terminal system, any calling process under the system all possesses user's mark(UID)With enter Journey identifies(PID), and all corresponded in System Privileges list and be stored with authority corresponding to the UID and PID;Therefore, receiving To after the operation requests of communication service process forwarding, the UID and PID of current calling process are extracted first, and search for institute System Privileges list is stated, operating right corresponding to the UID and PID can be matched from search result.

As can be seen that using the method for the embodiment of the present invention, by starting after obtaining system Root authority with Root power The service processes of limit simultaneously insert the communication service process for communication into system, you can other calling process is performed corresponding behaviour Without repeating application Root authority when making, and corresponding operating can be performed by the service processes with Root authority of startup, Effectively avoid because Root authority is used or disabled brought operation failure, and then substantially increase data communication Efficiency.

Certainly, above-mentioned special type information and its judgment mode are intended only as example, when implementing the embodiment of the present invention, Ke Yigen Other special type informations and its judgment mode are set according to actual conditions, the embodiment of the present invention is not any limitation as to this.In addition, except upper State outside special type information and its judgment mode, those skilled in the art can also according to being actually needed using other special type informations and its Judgment mode, the embodiment of the present invention are not also any limitation as to this.

The method of above-mentioned Root authority management is described in detail below by specific example, shown in reference picture 2, with Exemplified by mobile phone assistance application, specifically comprise the following steps:

S210:Its host process is to the Android on mobile phone after mobile phone assistant operation(Android)System application Root authority;

S220:The android system authorizes system Root authority to mobile phone assistant;

S230:After the host process of mobile phone assistant gets Root authority, start Root authority process, and weigh by the Root Limit process inserts a communication service process into android system;

S240:After the installed and invoking process of client is triggered, the installed and invoking process is to being inserted into android system In communication service process send mount request;

S250:Mount request is forwarded to mobile phone assistant by the communication service process in the android system;

S260:The Root authority process of the mobile phone assistant searches for Android by the UID and PID of installed and invoking process Permissions list, to determine whether the installed and invoking process possesses installation authority;

S270:After the mobile phone assistant determines that the installed and invoking process possesses installation authority, corresponding installation behaviour is performed Make, and installation results are sent to the communication service process into android system;

S280:Installation results are fed back to the installed and invoking process by Android.

In the present embodiment, the method for above-mentioned Roo rights managements can apply the silent peace loading, unloading in mobile phone assistant pre- In the functions such as dress, interim Root;Specifically, the operation of temporary Root authority comprise at least it is following any one:Standby system, repair Change the internal processes of system, application program is installed in SD card, obtain file directory, silent installation application program, unload and answer With program and uninstalling system pre-installed applications program etc.;

It is described in detail, specifically includes so that uninstalling system is applied as an example below:Set first by finger daemon from movement The system application file stored under file directory is read at standby end, and the system application file read is passed into cloud server and does one Secondary filtering, you can asked with sending the network inquiry for the information for carrying system application to cloud server, to inquire about the system Whether the system indicated by the information of application of uniting application allows to unload;Cloud server can inquire about each system according to inquiry instruction Whether system application allows to unload, to each system application allocation identification, can specifically include following three and identify:Off-loadable, Unload with caution, be not off-loadable.Wherein, above-mentioned mark is that cloud server is supplied to an interface of mobile device to return to field, The field associates with using bag name, for example returns to com.qihoo.mobile:0、com.qihoo.mobile:1 or com.qihoo.mobile:2.Wherein, com.qihoo.mobile is identified:For 0,1,2 when correspond to change using bag as can not respectively Unloading, off-loadable and careful unloading.And in the present embodiment, after user obtains temporary Root authority, movement can be set The Malware of standby middle installation(Such as psoriasis software)Carry out unloading processing;And above-mentioned Malware is directed to, cloud server It is off-loadable that being identified as the Malware can be returned to mobile device, because active user has temporary Root authority so that use Family thoroughly can uninstall the Malware in mobile device, avoid Malware take Installed System Memory, occupying system resources, And the indecent behavior of Malware.

For embodiment of the method, in order to be briefly described, therefore it is all expressed as to a series of combination of actions, but this area Technical staff should know that the embodiment of the present invention is not limited by described sequence of movement, because implementing according to the present invention Example, some steps can use other orders or carry out simultaneously.Secondly, those skilled in the art should also know, specification Described in embodiment belong to preferred embodiment, necessary to the involved action not necessarily embodiment of the present invention.

Reference picture 3, show a kind of dress of management of Root authority on the terminal device according to an embodiment of the invention The structured flowchart of embodiment is put, can specifically include following module:Acquiring unit 310, insertion unit 320, the and of communication unit 330 Processing unit 340;Wherein,

The acquiring unit 310 is suitable to send Root authority acquisition request to system, and obtains what the system was authorized Root authority;The insertion unit 320 is suitable to after the acquiring unit 310 gets Root authority, and starting has Root power The service processes of limit, and communication service process is inserted by the process in systems;The communication unit 330 is suitable to by described The communication service process that insertion unit 320 inserts receives the operation requests of other calling process transmission, and sends this request to The service processes with Root authority;The processing unit 340 is suitable to have using what the insertion unit 320 started After the service processes of Root authority perform the operation, pass through the communication service progress feedback operating result to other described tune Use process.

Wherein, the processing unit 340 may also include(Not shown in figure):Judge module and indicating module;Wherein, it is described Judge module is suitable to after the operation requests of communication unit forwarding are received, and it is described to judge whether other described calling process possess Operating right;The indicating module is suitable to the judged result for obtaining the judge module, and when other described calling process possess After the operating right, the operation is performed.

Refer to it is noted that the judge module may also include(Not shown in figure):Enquiry module and comparing module;Its In, the enquiry module is suitable to whether other described calling process of inquiry possess private key signature, and Query Result is notified to institute State comparing module;The comparing module is suitable to the Query Result for receiving the enquiry module, and extract the private key signature with The private key signature of the default service processes with Root authority is compared, if comparison result is consistent, it is determined that institute State other calling process and possess the operating right.

In addition, the judge module may also include(Not shown in figure):Extraction module and search module;Wherein, it is described to carry Modulus block is suitable to user's mark and the process identification (PID) of extraction other calling process;The search module is suitable to carry described in utilization The user's mark and process identification (PID) search system permissions list for other calling process that modulus block extracts, and according to search result It is determined that the operating right of other calling process.

For device embodiment, because it is substantially similar to embodiment of the method, so description is fairly simple, it is related Part illustrates referring to the part of embodiment of the method.

Algorithm and display be not inherently related to any certain computer, virtual system or miscellaneous equipment provided herein. Various general-purpose systems can also be used together with teaching based on this.As described above, required by constructing this kind of system Structure be obvious.In addition, the present invention is not also directed to any certain programmed language.It should be understood that it can utilize various The content of programming language invention described herein, and the description done above to language-specific is to disclose the present invention Preferred forms.

In the specification that this place provides, numerous specific details are set forth.It is to be appreciated, however, that the implementation of the present invention Example can be put into practice in the case of these no details.In some instances, known method, structure is not been shown in detail And technology, so as not to obscure the understanding of this description.

Similarly, it will be appreciated that in order to simplify the disclosure and help to understand one or more of each inventive aspect, Above in the description to the exemplary embodiment of the present invention, each feature of the invention is grouped together into single implementation sometimes In example, figure or descriptions thereof.However, the method for the disclosure should be construed to reflect following intention:I.e. required guarantor The application claims of shield features more more than the feature being expressly recited in each claim.It is more precisely, such as following Claims reflect as, inventive aspect is all features less than single embodiment disclosed above.Therefore, Thus the claims for following embodiment are expressly incorporated in the embodiment, wherein each claim is in itself Separate embodiments all as the present invention.

Those skilled in the art, which are appreciated that, to be carried out adaptively to the module in the equipment in embodiment Change and they are arranged in one or more equipment different from the embodiment.Can be the module or list in embodiment Member or process be combined into a module or unit or process, and can be divided into addition multiple submodule or subelement or Subprocess.In addition at least some in such feature and/or process or unit exclude each other, it can use any Combination is to this specification(Including adjoint claim, summary and accompanying drawing)Disclosed in all features and so disclosed appoint Where all processes or unit of method or equipment are combined.Unless expressly stated otherwise, this specification(Including adjoint power Profit requirement, summary and accompanying drawing)Disclosed in each feature can be by providing the alternative features of identical, equivalent or similar purpose come generation Replace.

In addition, it will be appreciated by those of skill in the art that although some embodiments described herein include other embodiments In included some features rather than further feature, but the combination of the feature of different embodiments means in of the invention Within the scope of and form different embodiments.For example, in the following claims, embodiment claimed is appointed One of meaning mode can use in any combination.

The all parts embodiment of the present invention can be or soft with what is run on one or more processor with hardware Part module, or with combinations thereof.It will be understood by those of skill in the art that can in practice using microprocessor or Digital signal processor(DSP)The some or all parts come in the equipment of progress webpage loading according to embodiments of the present invention Some or all functions.The present invention can also be to be set for performing some or all of method as described herein Standby or program of device(For example, computer program and computer program product).Such program of the invention can be stored in On computer-readable medium, or there can be the form of one or more signal.Such signal can be from internet net Download and obtain on standing, either provide on carrier signal or provided in the form of any other.

It should be noted that the present invention will be described rather than limits the invention for above-described embodiment, and ability Field technique personnel can design alternative embodiment without departing from the scope of the appended claims.In the claims, Any reference symbol between bracket should not be configured to limitations on claims.Word "comprising" does not exclude the presence of not Element or step listed in the claims.Word "a" or "an" before element does not exclude the presence of multiple such Element.The present invention can be by means of including the hardware of some different elements and by means of properly programmed computer. If in the unit claim for listing equipment for drying, several in these devices can be come specific by same hardware branch Embody.The use of word first, second, and third does not indicate that any order.These words can be construed to title.

The embodiment of the present invention further discloses A1, a kind of method of the management of root authority on the terminal device, including:

Root authority is sent to system and obtains request, and obtains the Root authority that the system is authorized;

Start the service processes with Root authority, communication service process is inserted by the process in systems;

After the operation requests that other calling process are sent are received by the communication service process, institute is sent this request to State the service processes with Root authority;

After performing the operation using the service processes with Root authority, pass through the communication service progress feedback Operating result is to other described calling process.

A2, the method as described in A1, this method also include:

After the operation requests of the communication service process forwarding are received, judge whether other described calling process possess The operating right, if it is, performing the operation.

A3, the method as described in A2, whether other calling process described in the judgement, which possess the operating right, includes:

Whether other described calling process of inquiry possess private key signature, if possessed,

The private key signature is extracted, and is carried out with the private key signature of the default service processes with Root authority Compare, if comparison result is consistent, it is determined that other described calling process possess the operating right.

A4, the method as described in A2, whether other calling process described in the judgement, which possess the operating right, includes:

User's mark of extraction other calling process and process identification (PID);

Using the user's mark and process identification (PID) search system permissions list of other calling process, and tied according to search Fruit determines the operating right of other calling process.

A5, the method as described in A1, it is described to be comprised at least using the service processes execution operation with Root authority Following any one modes:

Unload preset application, installation or unloading application program, backup or reduction application data, enable or disable using journey Sequence.

A6, the method as described in A1, this method also include:

The communication between other calling process and system is completed using the communication service process;The communication service process Authority is higher than other described calling process authorities.

The embodiment of the present invention further discloses B7, a kind of device of the management of Root authority on the terminal device, including:Obtain single Member, insertion unit, communication unit and processing unit;Wherein,

The acquiring unit is suitable to send Root authority acquisition request to system, and obtains the Root power that the system is authorized Limit;

The insertion unit is suitable to after the acquiring unit gets Root authority, starts the service with Root authority Process, and communication service process is inserted by the process in systems;

The communication unit is suitable to receive other calling process hair by the communication service process that the insertion unit inserts The operation requests sent, and send this request to the service processes with Root authority;

The processing unit is suitable to using described in the execution of the service processes with Root authority of the insertion unit starting After operation, pass through the communication service progress feedback operating result to other described calling process.

B8, the device as described in B7, the processing unit include:Judge module and indicating module;Wherein, the judgement mould Block is suitable to after the operation requests of communication unit forwarding are received, and judges whether other described calling process possess the operating rights Limit;

The indicating module is suitable to the judged result for obtaining the judge module, and when other described calling process possess institute After stating operating right, the operation is performed.

B9, the device as described in B8, the judge module include:Enquiry module and comparing module;Wherein, the inquiry mould Block is suitable to whether other described calling process of inquiry possess private key signature, and Query Result is notified to the comparing module;

The comparing module is suitable to the Query Result for receiving the enquiry module, and extracts the private key signature with presetting The private key signatures of the service processes with Root authority be compared, if comparison result is consistent, it is determined that it is described its His calling process possesses the operating right.

B10, the device as described in B8, the judge module include:Extraction module and search module;Wherein, the extraction Module is suitable to user's mark and the process identification (PID) of extraction other calling process;

The search module is suitable to the user's mark and process of other calling process extracted using the extraction module Identification search System Privileges list, and according to search result determine described in other calling process operating right.

Claims (8)

1. a kind of method for carrying out root authority management on the terminal device, including:
Root authority is sent to system and obtains request, and obtains the Root authority that the system is authorized;
Start the service processes with Root authority, communication service process is inserted by the process in systems;
After the operation requests that other calling process are sent are received by the communication service process, the tool is sent this request to There are the service processes of Root authority;The authority of the communication service process is higher than other described calling process authorities;
Judge whether other described calling process possess the operating right, if it is, with Root authority described in utilizing Service processes perform the operation;
After performing the operation using the service processes with Root authority, operated by the communication service progress feedback As a result to other described calling process.
2. the method as described in claim 1, it is characterised in that whether other calling process possess the behaviour described in the judgement Include as authority:
Whether other described calling process of inquiry possess private key signature, if possessed,
The private key signature is extracted, and is compared with the private key signature of the default service processes with Root authority It is right, if comparison result is consistent, it is determined that other described calling process possess the operating right.
3. the method as described in claim 1, it is characterised in that whether other calling process possess the behaviour described in the judgement Include as authority:
User's mark of extraction other calling process and process identification (PID);
It is and true according to search result using the user's mark and process identification (PID) search system permissions list of other calling process The operating right of fixed other calling process.
4. the method as described in claim 1, it is characterised in that described using described in the service processes execution with Root authority Operation comprises at least following any one modes:
Unload preset application, installation or unloading application program, backup or reduce application data, enable or disable application program.
5. the method as described in claim 1, it is characterised in that this method also includes:
The communication between other calling process and system is completed using the communication service process.
6. a kind of device of the management of Root authority on the terminal device, including:Acquiring unit, insertion unit, communication unit and place Manage unit;Wherein,
The acquiring unit is suitable to send Root authority acquisition request to system, and obtains the Root authority that the system is authorized;
The insertion unit is suitable to after the acquiring unit gets Root authority, starts the service with Root authority and enters Journey, and communication service process is inserted by the process in systems;
The communication unit is suitable to receive what other calling process were sent by the communication service process that the insertion unit inserts Operation requests, and send this request to the service processes with Root authority;The authority of the communication service process is high In other described calling process authorities;
The processing unit is suitable to perform the operation using the service processes with Root authority of the insertion unit starting Afterwards, the communication service progress feedback operating result to other described calling process is passed through;
The processing unit also includes judge module and indicating module;Wherein,
The judge module is suitable to after the operation requests of communication unit forwarding are received, and whether judges other described calling process Possesses the operating right;
The indicating module is suitable to the judged result for obtaining the judge module, and when other described calling process possess the behaviour After making authority, the operation is performed.
7. device as claimed in claim 6, it is characterised in that the judge module includes:Enquiry module and comparing module;Its In,
The enquiry module is suitable to whether other described calling process of inquiry possess private key signature, and Query Result is notified to institute State comparing module;
The comparing module is suitable to the Query Result for receiving the enquiry module, and extracts the private key signature and default institute The private key signature for stating the service processes with Root authority is compared, if comparison result is consistent, it is determined that other described tune Possesses the operating right with process.
8. device as claimed in claim 6, it is characterised in that the judge module includes:Extraction module and search module;Its In,
The extraction module is suitable to user's mark and the process identification (PID) of extraction other calling process;
The search module is suitable to user's mark and the process identification (PID) of other calling process extracted using the extraction module Search system permissions list, and according to search result determine described in other calling process operating right.
CN201410048020.6A 2014-02-11 2014-02-11 A kind of method and apparatus for carrying out Root authority management on the terminal device CN103826215B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410048020.6A CN103826215B (en) 2014-02-11 2014-02-11 A kind of method and apparatus for carrying out Root authority management on the terminal device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410048020.6A CN103826215B (en) 2014-02-11 2014-02-11 A kind of method and apparatus for carrying out Root authority management on the terminal device

Publications (2)

Publication Number Publication Date
CN103826215A CN103826215A (en) 2014-05-28
CN103826215B true CN103826215B (en) 2018-03-02

Family

ID=50760994

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410048020.6A CN103826215B (en) 2014-02-11 2014-02-11 A kind of method and apparatus for carrying out Root authority management on the terminal device

Country Status (1)

Country Link
CN (1) CN103826215B (en)

Families Citing this family (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104063303B (en) * 2014-06-30 2019-07-16 上海斐讯数据通信技术有限公司 A method of obtaining and discharge root authority
CN104199697A (en) * 2014-08-27 2014-12-10 北京金山安全软件有限公司 Pre-installed software management method, device and terminal
CN104217158A (en) * 2014-09-17 2014-12-17 青岛海信移动通信技术股份有限公司 Method for detecting system state of intelligent terminal and intelligent terminal
CN104318156B (en) * 2014-10-22 2017-07-25 上海斐讯数据通信技术有限公司 A kind of process access safety method and system
CN104346559B (en) * 2014-11-26 2018-01-02 北京奇虎科技有限公司 Authority request response method and corresponding device
CN105988827B (en) * 2015-01-29 2019-07-05 阿里巴巴集团控股有限公司 A kind of method and device that application is freezed, thaws
CN106161537B (en) * 2015-04-10 2019-12-13 阿里巴巴集团控股有限公司 Method, device and system for processing remote procedure call and electronic equipment
CN105138911B (en) * 2015-09-08 2017-12-01 北京奇虎科技有限公司 The method and apparatus of more portable terminals of ROOT simultaneously
CN105243325A (en) * 2015-09-29 2016-01-13 北京奇虎科技有限公司 Method for residual process file in mobile terminal, mobile terminal and server
CN106919812B (en) * 2015-12-26 2020-06-16 腾讯科技(深圳)有限公司 Application process authority management method and device
CN105912930B (en) * 2016-04-11 2019-02-01 北京奇虎科技有限公司 Mobile terminal and its system resource method of controlling security
CN106169042A (en) * 2016-06-30 2016-11-30 北京壹人壹本信息科技有限公司 The method and device of administration authority
CN106355079B (en) * 2016-08-18 2019-12-06 北京奇虎科技有限公司 Method and device for optimizing installation of application program and terminal
CN106503577A (en) * 2016-09-28 2017-03-15 乐视控股(北京)有限公司 A kind of System right management method, device and corresponding equipment
CN107333150A (en) * 2017-08-15 2017-11-07 四川长虹电器股份有限公司 The method that management and control is installed in Android intelligent television application
CN109840421A (en) * 2017-11-24 2019-06-04 深圳市优必选科技有限公司 A kind of right management method of operating system, device and terminal

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102981835A (en) * 2012-11-02 2013-03-20 福州博远无线网络科技有限公司 Android application program permanent Root permission acquiring method
CN103067463A (en) * 2012-12-19 2013-04-24 新浪网技术(中国)有限公司 Centralized management system and centralized management method for user root permission
CN103428357A (en) * 2012-05-25 2013-12-04 盛乐信息技术(上海)有限公司 Method and apparatus for realizing local service sharing of mobile terminal operating system
CN103473502A (en) * 2013-09-16 2013-12-25 惠州Tcl移动通信有限公司 Method and system for acquiring Root rights of android-based mobile terminal

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103428357A (en) * 2012-05-25 2013-12-04 盛乐信息技术(上海)有限公司 Method and apparatus for realizing local service sharing of mobile terminal operating system
CN102981835A (en) * 2012-11-02 2013-03-20 福州博远无线网络科技有限公司 Android application program permanent Root permission acquiring method
CN103067463A (en) * 2012-12-19 2013-04-24 新浪网技术(中国)有限公司 Centralized management system and centralized management method for user root permission
CN103473502A (en) * 2013-09-16 2013-12-25 惠州Tcl移动通信有限公司 Method and system for acquiring Root rights of android-based mobile terminal

Also Published As

Publication number Publication date
CN103826215A (en) 2014-05-28

Similar Documents

Publication Publication Date Title
JP2018517189A (en) Execute commands in a virtual machine instance
US10073966B2 (en) Operating system-independent integrity verification
US8978032B2 (en) Host naming application programming interface
US9225604B2 (en) Mapping requirements to a system topology in a networked computing environment
CN107368259B (en) Method and device for writing service data into block chain system
US20160260095A1 (en) Containerized Computational Task Execution Management Using a Secure Distributed Transaction Ledger
CN101960446B (en) Secure browser-based applications
EP3513349A1 (en) Self-cleaning token vault
CN104995627B (en) Cipher key revocation in system-on-chip apparatus
US8065659B1 (en) Method and apparatus for executing scripts within a web browser
CN104679534B (en) System application installation package loading processing method, apparatus and terminal
CN104040510B (en) Computing device with secure direct memory access and related method
CN104199711B (en) The method and apparatus for establishing root authority
US10032028B2 (en) Method for processing UEFI protocols and system therefor
TWI380216B (en) System and method for automated operating system installation
JP6022718B2 (en) Configuration and validation by trusted providers
US20160132668A1 (en) Management apparatus, management method, and recording medium of management program
JP5976258B1 (en) Light installer
CN107911421B (en) Method, apparatus, and computer storage medium for configuring cross-network communications in a blockchain
CN103257683A (en) Method and device of cloud calculation service expansion and contraction
CN103744686B (en) Control method and the system of installation is applied in intelligent terminal
US20160125194A1 (en) Dynamic service discovery
CN103329093A (en) Updating software
CN103580908A (en) Server configuration method and system
US8321352B1 (en) Fingerprinting for software license inventory management

Legal Events

Date Code Title Description
PB01 Publication
C06 Publication
SE01 Entry into force of request for substantive examination
C10 Entry into substantive examination
GR01 Patent grant
GR01 Patent grant