CN110399731A - Anti-root method for a smart POS terminal based on the Android system - Google Patents

Info

Publication number
CN110399731A
Authority
CN
China
Prior art keywords
file
permission
behavior
root
group
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201910698808.4A
Other languages
Chinese (zh)
Inventor
胡鹏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Aitiwell Electronic Technology (beijing) Co Ltd
Vanstone Electronic Beijing Co Ltd
Original Assignee
Aitiwell Electronic Technology (beijing) Co Ltd

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/575Secure boot

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses an anti-root method for smart POS terminals based on the Android system. The method detects whether chmod, chown or chgrp is being called to grant special permissions to a file; if so, the file attribute is forcibly changed to a fixed low-privilege value. The advantage is that the method protects terminal software from tampering and terminal data from theft. In addition, by preventing special permission bits and attributes from being set on su, it prevents root privileges from being obtained permanently.

Description

Anti-root method for a smart POS terminal based on the Android system
Technical field
The present invention relates to the field of software security for terminal devices, and in particular to an anti-root method for smart POS terminals based on the Android system.
Background art
Android is a smartphone operating system built on the Linux kernel. Its permission mechanism is similar to that of Linux: the root account is the highest system administrator. For a malicious program that wants to tamper with the system or with sensitive system data, obtaining root privileges is often the first step.
The general steps for obtaining root privileges are: use an undisclosed system vulnerability to obtain temporary root privileges, release a su program into a system directory, change the owner of su to root, and add the s permission to su. The next time su is called it automatically runs with root privileges, which yields permanent root privileges.
Existing anti-root techniques take two forms. One applies security patches so that malicious programs cannot use system vulnerabilities to obtain temporary root privileges. The other checks whether system files have been modified: each time the system starts, the integrity of the system partition is checked, and the system refuses to start if the partition has been modified. The first approach has several drawbacks. Security patches are provided by Google; when a new vulnerability appears, if Google cannot develop the corresponding patch immediately, or the patch cannot be installed on the system because of network or other factors, malicious programs have an opportunity to exploit the vulnerability, so the problem cannot be prevented before it occurs. The second approach slows down system boot and affects system performance.
Summary of the invention
The purpose of the present invention is to provide an anti-root method for smart POS terminals based on the Android system, in order to solve the aforementioned problems in the prior art.
To achieve this purpose, the technical solution adopted by the invention is as follows:
An anti-root method for smart POS terminals based on the Android system: detect whether chmod, chown or chgrp is being called to grant special permissions to a file; if so, forcibly change the file attribute to a fixed low-privilege value.
Preferably, detecting a call to chmod that grants special permissions to a file means detecting whether chmod is being called to give a file the s permission or the S permission; if so, the file permission is forcibly changed to a value without the s and S permissions.
Preferably, detecting a call to chown that grants special permissions to a file means detecting whether chown is being called to change the file owner to a high-privilege user; if so, the file owner is forcibly changed to a low-privilege user.
Preferably, detecting a call to chgrp that grants special permissions to a file means detecting whether chgrp is being called to change the file's group to a high-privilege group; if so, the file's group is forcibly changed to a low-privilege group.
The beneficial effects of the invention are: 1. The invention protects terminal software from tampering and terminal data from theft. 2. By preventing special permission bits and attributes from being set on su, the invention prevents root privileges from being obtained permanently.
Brief description of the drawings
Fig. 1 is a flow diagram of the method described in the embodiments of the invention.
Detailed description of the embodiments
To make the purpose, technical solution and advantages of the invention clearer, the invention is described in further detail below with reference to the drawing. The specific embodiments described here serve only to explain the invention and do not limit it.
As shown in Fig. 1, this embodiment provides an anti-root method for smart POS terminals based on the Android system. After the system initialization process has started, that is, after the initialization process of the Android-based smart POS system has started, the method detects whether chmod, chown or chgrp is being called to grant special permissions to a file; if so, the file attribute is forcibly changed to a fixed low-privilege value.
In this embodiment the method covers three cases. First, calling chmod to add the s permission or the S permission to a file is forbidden. Second, calling chown to change a file's owner to a high-privilege account is forbidden. Third, calling chgrp to change a file's group to a high-privilege group is forbidden.
In this embodiment, to prevent rooting it is only necessary to block any one of the steps for obtaining permanent root privileges; the malicious program will then be unable to work properly.
Embodiment one
In this embodiment, for the first case, detecting a call to chmod that grants special permissions to a file means detecting whether chmod is being called to give a file the s permission or the S permission; if so, the file permission is forcibly changed to a value without the s and S permissions.
In this embodiment, under Linux a file's permissions are written as rwx, denoting read, write and execute permission. A file also has two special permission bits, called the SUID bit and the SGID bit. When a file's SUID or SGID bit is set and the file also has the x (execute) permission, the file is said to have the s permission; when the SUID or SGID bit is set but the file has no x permission, this is shown as the S permission. When a file has the s permission it does not run with the caller's UID but with the UID of the file's owner. For example, if the owner of su is root (UID 0) and su has the s permission, su runs with root privileges whenever any application calls it. When a program is detected calling chmod to add the s permission or the S permission to a file, the file permission is set directly to the lower value r--r--r--, and su cannot elevate privileges.
In this embodiment, chmod is a command name; usage permission: all users. File access permissions on Linux/Unix are divided into three levels: file owner, group, and others. chmod controls how a file can be accessed by others.
In this embodiment, Linux is a multi-user operating system that allows multiple users to log in and work at the same time. rwx stands for read, write and execute permission. r (read): for a file, permission to read the file's content; for a directory, permission to browse the directory. w (write): for a file, permission to add to and modify the file's content; for a directory, permission to delete and move files in the directory. x (execute): for a file, permission to execute the file; for a directory, permission for the user to enter the directory.
In this embodiment, the SUID and SGID permission bits have the following meaning. SUID: when this bit of a file is set to 1 and the file is executed, the file runs with the identity of its owner; that is, whoever executes the file has the privileges of the file's owner. If the owner is root, the executor has superuser privileges, and the bit then becomes a security hole, so it must not be set lightly. SGID: for a binary file, a user who executes a program with the sgid permission inherits the permissions of the group the program belongs to; for a directory, files newly created in it by any user automatically inherit the directory's group.
Embodiment two
In this embodiment, for the second case, detecting a call to chown that grants special permissions to a file means detecting whether chown is being called to change the file owner to a high-privilege user; if so, the file owner is forcibly changed to a low-privilege user.
In this embodiment, chown is a command name; usage permission: root. The chown command changes the owner of a file. In general this command can only be used by the system administrator (root): an ordinary user has no permission to change the owner of another user's files, nor to set the owner of their own files to someone else. Only the system administrator (root) has this permission.
In this embodiment, every file under Linux has an owner, which indicates whom the file belongs to. When the s permission is set on a file, the file acquires the owner's privileges. Therefore, when a call to chown that changes a file's owner to root is detected, the file owner is changed directly to a low-privilege account, such as the user with UID 2000, and the malicious program cannot obtain privileges high enough to tamper with the system.
Embodiment three
In this embodiment, for the third case, detecting a call to chgrp that grants special permissions to a file means detecting whether chgrp is being called to change the file's group to a high-privilege group; if so, the file's group is forcibly changed to a low-privilege group.
In this embodiment, chgrp is a command name. The chgrp command changes the group that a file or directory belongs to; the group can be given either as a group name or as a group ID.
In this embodiment, every file under Linux also belongs to a group, and when a file has the S permission it also has the permissions of that group. Therefore, when a call to chgrp that changes a file's group to a high-privilege group is detected, the file's group is likewise changed directly to a low-privilege group, which also improves system security.
Embodiment four
This embodiment illustrates how the three cases above are implemented. When a call to chmod is detected, check whether it sets the s permission or the S permission; if so, set the file permission to r--r--r-- (444); if not, execute the call normally. For example, if a program calls chmod to set the permission of /system/bin/su to rwsr-xr-x (4755), the system's anti-root measure is triggered and the permission of su is changed to r--r--r-- (444). If a program calls chmod to set the permission of su to rwxr-xr-x, the anti-root measure is not triggered and the permission of su is changed directly to rwxr-xr-x. When a call to chown is detected, check whether it sets the owner to root; if so, set the file owner directly to 2000; if not, execute the call normally. For example, if a program calls chown to change the owner of /system/bin/su to root, chown directly changes the owner of su to shell (UID 2000). When a call to chgrp is detected, check whether it sets the group to root; if so, set the file's group directly to 2000; if not, execute the call normally. For example, if a program calls chgrp to change the group of /system/bin/su to root, chgrp changes the group of su to shell (GID 2000).
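The decision logic of Embodiment four, modelled in user space as an added C example (it is not code from the patent, which gives none). The function names are hypothetical, "high-privilege" is assumed to mean ID 0 as in the text's examples, and the model only computes the value that would be applied instead of intercepting the real calls.

```c
/* Added illustration: user-space model of the attribute-clamping policy.
 * clamp_mode, clamp_owner, clamp_group and mode_string are hypothetical names. */
#include <stdio.h>
#include <sys/types.h>
#include <sys/stat.h>

#define LOW_MODE ((mode_t)0444) /* r--r--r--, the fixed value in Embodiment four */
#define LOW_ID   2000           /* shell UID/GID, the fixed value in Embodiment four */
#define ROOT_ID  0              /* assumption: only ID 0 counts as high-privilege */

/* chmod: a request carrying SUID or SGID (shown as s or S) is replaced by 444. */
mode_t clamp_mode(mode_t requested)
{
    if (requested & (S_ISUID | S_ISGID))
        return LOW_MODE;
    return requested & 07777;
}

/* chown: a request for root becomes 2000. The chown(2) value -1
 * ("leave unchanged") is not 0, so it passes through untouched. */
uid_t clamp_owner(uid_t requested)
{
    return requested == (uid_t)ROOT_ID ? (uid_t)LOW_ID : requested;
}

/* chgrp: same rule for the group. */
gid_t clamp_group(gid_t requested)
{
    return requested == (gid_t)ROOT_ID ? (gid_t)LOW_ID : requested;
}

/* Render the nine-character permission string, including s and S, so the
 * before/after values can be compared with the strings used in the text. */
const char *mode_string(mode_t m, char out[10])
{
    static const char rwx[] = "rwxrwxrwx";
    for (int i = 0; i < 9; i++)
        out[i] = (m & (0400 >> i)) ? rwx[i] : '-';
    if (m & S_ISUID) out[2] = (m & S_IXUSR) ? 's' : 'S';
    if (m & S_ISGID) out[5] = (m & S_IXGRP) ? 's' : 'S';
    out[9] = '\0';
    return out;
}

int main(void)
{
    /* Constructed requests; the first two mirror the /system/bin/su examples. */
    const mode_t requests[] = { 04755, 0755, 02644, 06711 };
    char before[10], after[10];
    for (size_t i = 0; i < sizeof requests / sizeof requests[0]; i++) {
        mode_t out = clamp_mode(requests[i]);
        printf("chmod %04o (%s) -> %04o (%s)\n",
               (unsigned)requests[i], mode_string(requests[i], before),
               (unsigned)out, mode_string(out, after));
    }
    printf("chown uid 0 -> %u, uid 1000 -> %u\n",
           (unsigned)clamp_owner(0), (unsigned)clamp_owner(1000));
    printf("chgrp gid 0 -> %u\n", (unsigned)clamp_group(0));
    return 0;
}
```

The text does not mention the sticky bit or high-privilege IDs other than root, so the model leaves both untouched.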
The technical solution disclosed by the invention achieves the following beneficial effects:
The invention provides an anti-root method for smart POS terminals based on the Android system. By detecting whether chmod, chown or chgrp is being called to grant special permissions to a file and, if so, forcibly changing the file attribute to a fixed low-privilege value, the method protects terminal software from tampering and terminal data from theft. In addition, by preventing special permission bits and attributes from being set on su, it prevents root privileges from being obtained permanently.
The above is only a preferred embodiment of the invention. A person of ordinary skill in the art may make various improvements and modifications without departing from the principle of the invention, and these improvements and modifications are also to be regarded as falling within the scope of protection of the invention.

Claims (4)

1. An anti-root method for smart POS terminals based on the Android system, characterized in that: it is detected whether chmod, chown or chgrp is being called to grant special permissions to a file, and if so, the file attribute is forcibly changed to a fixed low-privilege value.
2. The anti-root method for smart POS terminals based on the Android system according to claim 1, characterized in that: detecting a call to chmod that grants special permissions to a file means detecting whether chmod is being called to give a file the s permission or the S permission, and if so, forcibly changing the file permission to a value without the s and S permissions.
3. The anti-root method for smart POS terminals based on the Android system according to claim 1, characterized in that: detecting a call to chown that grants special permissions to a file means detecting whether chown is being called to change the file owner to a high-privilege user, and if so, forcibly changing the file owner to a low-privilege user.
4. The anti-root method for smart POS terminals based on the Android system according to claim 1, characterized in that: detecting a call to chgrp that grants special permissions to a file means detecting whether chgrp is being called to change the file's group to a high-privilege group, and if so, forcibly changing the file's group to a low-privilege group.
CN201910698808.4A 2019-07-31 2019-07-31 A kind of anti-root method of intelligent POS based on android system Pending CN110399731A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910698808.4A CN110399731A (en) 2019-07-31 2019-07-31 A kind of anti-root method of intelligent POS based on android system

Publications (1)

Publication Number Publication Date
CN110399731A true CN110399731A (en) 2019-11-01

Family

ID=68326856


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20191101