WO2018090452A1 - Procédé et appareil de protection d'autorisation racine - Google Patents

Procédé et appareil de protection d'autorisation racine Download PDF

Info

Publication number
WO2018090452A1
WO2018090452A1 PCT/CN2016/112615 CN2016112615W WO2018090452A1 WO 2018090452 A1 WO2018090452 A1 WO 2018090452A1 CN 2016112615 W CN2016112615 W CN 2016112615W WO 2018090452 A1 WO2018090452 A1 WO 2018090452A1
Authority
WO
WIPO (PCT)
Prior art keywords
pseudo
program
root
protecting
environment variable
Prior art date
Application number
PCT/CN2016/112615
Other languages
English (en)
Chinese (zh)
Inventor
韩瑞峰
Original Assignee
深圳Tcl数字技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 深圳Tcl数字技术有限公司 filed Critical 深圳Tcl数字技术有限公司
Publication of WO2018090452A1 publication Critical patent/WO2018090452A1/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/629Protecting access to data via a platform, e.g. using keys or access control rules to features or functions of an application
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices

Definitions

  • the present invention relates to the field of mobile terminal technologies, and in particular, to a method and an apparatus for protecting root rights.
  • root tools At present, users generally use some root tools to root the operating system of the terminal.
  • the basic principles of these root tools basically use some security vulnerabilities to obtain the highest authority, and then any user can log in to the operating system.
  • SU Switch User switch user
  • any application can get root privileges by calling the SU program.
  • the root privilege can bring some convenience to the user, it also exposes the highest privilege of the system. If a malicious program uses the root privilege, it can almost access and modify all the files in the terminal, copy all sensitive information, photos, Video, etc., uploaded to any address specified by the malicious program, the consequences are very serious. In addition, improper operation with root privileges is quite dangerous. A slight delay may cause the terminal to crash, and a serious one may cause the terminal to fail to boot properly. Since the Android system is based on linux, there are many Linux vulnerabilities that can be exploited on the market, and there are many vulnerabilities in the hands of a few people that have not leaked out. Therefore, there is currently no way to completely prevent the terminal from being rooted, and the operating system of the terminal. Once rooted, the root privileges of the terminal are completely exposed, threatening the security of the data in the terminal.
  • the present invention provides a method for protecting root rights, including:
  • the method further includes:
  • the pre-compiled pseudo-SU program is saved in a storage directory corresponding to the pseudo environment variable.
  • the method further includes:
  • the pseudo-environment variable corresponding to the pseudo-SU program in the storage directory is sent to the application.
  • the method further includes:
  • the method further includes:
  • a reminder message or a warning message is added in advance to the pseudo-SU program.
  • the reminder message or the warning message is output to remind the user that the root authority fails to be obtained.
  • the present invention also provides an apparatus for protecting Root authority, the apparatus comprising:
  • An obtaining module configured to acquire, after detecting an operating system root of the terminal, a read priority of a storage directory corresponding to an environment variable storing the SU program in the operating system;
  • a setting module configured to set a read priority of the storage directory corresponding to the pseudo environment variable according to the read priority of the storage directory corresponding to the obtained environment variable, wherein the pseudo environment variable corresponds to the read after the storage directory is set
  • the priority is higher than the read priority of the storage directory corresponding to the obtained environment variable.
  • the adding module is further configured to:
  • the pre-compiled pseudo-SU program is saved in a storage directory corresponding to the pseudo environment variable.
  • the device further comprises:
  • the calling module is configured to send the pseudo-SU variable corresponding to the pseudo-SU program in the storage directory to the application if a call instruction for calling the SU program sent by any application is detected.
  • the adding module is further configured to:
  • the device further comprises:
  • the reminding module is configured to add a reminder message or a warning message to the pseudo-SU program in advance. After receiving the pseudo-SU program, the application may output the reminder message or the warning message to remind the user that the root authority fails to be obtained.
  • the method and device for protecting the root privilege provided by the present invention include: adding a pseudo environment variable to the operating system of the terminal in advance, and acquiring the environment variable of the SU program stored in the operating system after detecting the operating system root of the terminal Corresponding to the read priority of the storage directory, setting the read priority of the storage directory corresponding to the pseudo environment variable according to the read priority of the storage directory corresponding to the obtained environment variable, so that the pseudo environment variable corresponds to the storage directory setting The read priority is higher than the read priority of the storage directory corresponding to the obtained environment variable.
  • the invention adds a pseudo environment variable in the operating system of the terminal in advance, and sets the reading priority of the storage directory corresponding to the pseudo environment variable to be higher than the reading of the storage directory corresponding to the environment variable storing the SU program in the operating system after the root.
  • the priority is that the application cannot call the stored SU program, and thus cannot obtain any root authority.
  • FIG. 1 is a schematic flowchart of a first embodiment of a method for protecting root rights according to the present invention
  • FIG. 2 is a schematic flowchart of a second embodiment of a method for protecting root rights according to the present invention
  • FIG. 3 is a schematic flowchart of a third embodiment of a method for protecting root rights according to the present invention.
  • FIG. 4 is a schematic diagram of functional modules of a first embodiment of a device for protecting root rights according to the present invention
  • FIG. 5 is a schematic diagram of functional modules of a second embodiment of an apparatus for protecting root rights according to the present invention.
  • FIG. 6 is a schematic diagram of functional modules of a third embodiment of the apparatus for protecting root rights according to the present invention.
  • FIG. 1 is a schematic flowchart of a method for protecting a root privilege according to a first embodiment of the present invention.
  • the method for protecting a root privilege is applied to an operating system of a terminal or a terminal, and the method includes:
  • step S10 a pseudo environment variable is added in advance to the operating system of the terminal.
  • a pseudo environment variable to the operating system of the terminal in advance, and specifically, the terminal may be added before leaving the factory.
  • a pseudo environment variable "/security" is added to the operating system of the terminal before the terminal leaves the factory.
  • the environment variable generally refers to some parameters used in the operating system to specify the operating environment of the operating system, such as the temporary folder location and the system folder location.
  • An environment variable is an object with a specific name in the operating system that contains information that one or more applications will use.
  • the path environment variable in Windows and DOS operating systems when the system is required to run a program without telling the full path of the program, the system should look for the path specified in the path environment variable in addition to the current directory. To find. That is, environment variables are mainly used to specify a program software path, which contains strings such as drive, path or file name, and environment variables control the behavior of multiple programs, only administrators can add, modify or delete operations. System system environment variables.
  • the method further includes:
  • the pre-compiled pseudo-SU program is saved in a storage directory corresponding to the pseudo environment variable.
  • the pseudo-SU program is pre-compiled, and then stored in the storage directory corresponding to the pseudo environment variable, for example, in the storage directory "/security" corresponding to the pseudo environment variable.
  • the normal SU program can make a normal user switch to super user or other users, and can temporarily have the rights of the switched user, and any application can obtain root privileges by calling the SU program.
  • the pseudo-SU program described in this embodiment is an empty program file or a security program that does not include any rights, that is, the application cannot obtain any root authority by calling the pseudo-SU program described in this embodiment.
  • step S20 after the operating system root of the terminal is detected, the read priority of the storage directory corresponding to the environment variable storing the SU program in the operating system is obtained.
  • the root root tool of the operating system stores the compiled SU program in a storage directory corresponding to the environment variable it establishes, for example, the compiled SU program. Stored in the storage directory "/system/bin" or “/system/xbin” corresponding to the environment variable it is created.
  • the storage directory corresponding to the environment variable has a read priority, that is, any application needs to call the read priority of the storage directory corresponding to the environment variable when calling the program in the environment variable, so the implementation For example, after the operating system root of the terminal is detected, the read priority of the storage directory corresponding to the environment variable storing the SU program in the operating system is obtained.
  • Step S30 setting a read priority of the storage directory corresponding to the pseudo environment variable according to the read priority of the storage directory corresponding to the environment variable, wherein the pseudo environment variable corresponds to the read priority after the storage directory is set.
  • the level is higher than the read priority of the storage directory corresponding to the obtained environment variable.
  • any application can only invoke the priority.
  • the high pseudo environment variable corresponds to the pseudo-SU program in the storage directory, and the SU program in the storage directory corresponding to the lower-priority environment variable cannot be called, so that no root authority can be obtained.
  • the method for protecting the root privilege in the embodiment includes: adding a pseudo environment variable to the operating system of the terminal in advance, and after detecting the operating system root of the terminal, acquiring an environment variable corresponding to the SU program stored in the operating system
  • the read priority of the storage directory is set, and the read priority of the storage directory corresponding to the pseudo environment variable is set according to the read priority of the storage directory corresponding to the obtained environment variable, so that the pseudo environment variable is corresponding to the storage directory setting.
  • the read priority is higher than the read priority of the storage directory corresponding to the obtained environment variable.
  • a pseudo environment variable is added in the operating system of the terminal in advance, and the read priority of the storage directory corresponding to the pseudo environment variable is set to be higher than that of the storage directory corresponding to the environment variable of the SU program stored in the operating system after the root.
  • the priority is obtained, so that the application cannot call the stored SU program, and thus the root authority cannot be obtained.
  • the technical problem that the root authority of the terminal is completely exposed after the operating system root of the terminal in the prior art is solved, and the terminal is improved. The security of the internal data.
  • FIG. 2 is a schematic flowchart of a second embodiment of a method for protecting a root privilege according to the foregoing embodiment of the present invention.
  • the above methods for protecting Root permissions include:
  • Step S40 If a call instruction for calling the SU program sent by any application is detected, the pseudo-SU variable corresponding to the pseudo-SU program in the storage directory is sent to the application.
  • the root tool After the operating system root of the terminal, the root tool adds a compiled SU program to the operating system of the terminal, and then any application can obtain the root authority by calling the SU program.
  • the pseudo-environment variable for storing the pseudo-SU program in the embodiment corresponds to the read priority of the storage directory, and is higher than the storage directory corresponding to the environment variable for storing the SU program established by the root tool in the terminal operating system.
  • Read priority so after detecting the call instruction for calling the SU program sent by any application, only the pseudo-SU program corresponding to the higher priority pseudo environment variable can be called, that is, if any random detection is detected,
  • the application sends a call instruction for calling the SU program, and sends the pseudo-environment variable with a higher priority to the application in the storage directory corresponding to the pseudo-SU program.
  • the application can only extract the pseudo environment with higher priority.
  • the variable corresponds to the pseudo-SU program in the storage directory, and the SU program in the storage directory corresponding to the environment variable having the lower priority cannot be extracted.
  • the method for protecting the root authority in the embodiment after detecting the call instruction for calling the SU program sent by any application after the operating system root of the terminal, the pseudo environment variable is corresponding to the storage directory.
  • the pseudo-SU program is sent to the application, so that the application cannot obtain the SU program established by the root tool, and thus cannot obtain any root authority, thereby realizing the purpose of effectively protecting the root authority after the operating system root of the terminal.
  • the method further includes:
  • the SU program established by the root tool is extracted to obtain the root authority.
  • the pre-compiled pseudo-SU program is saved in the pseudo. After the storage directory corresponding to the environment variable, the file attribute of the pseudo-SU program is set to read-only, or the file attribute of the pseudo-SU program is set to be non-deletable.
  • the pseudo-SU program described in this embodiment may be a blank SU program, which does not include any command for invoking the root privilege, so any application cannot obtain any root privilege after obtaining the pseudo-SU program. of.
  • the method for protecting the root authority in the embodiment after saving the pre-compiled pseudo-SU program in the storage directory corresponding to the pseudo environment variable, setting the file attribute of the pseudo-SU program to read-only, or The file attribute of the pseudo SU program is set to be undeleteable.
  • setting the file attribute of the pseudo-SU program to read-only or non-deletable it is possible to effectively prevent the malware from extracting the SU program established by the root tool to obtain the root authority by modifying or deleting the pseudo-SU program.
  • the purpose of effectively protecting the root authority of the terminal after the operating system root of the terminal is implemented.
  • FIG. 3 is a schematic flowchart of a third embodiment of a method for protecting a root privilege according to the present invention.
  • the method for protecting a root privilege according to the embodiment described in FIG. 1 and FIG. also includes:
  • Step S50 Add a reminder message or a warning message to the pseudo-SU program in advance. After receiving the pseudo-SU program, the application may output the reminder message or the warning message to remind the user that the root authority fails to be obtained.
  • a reminder message or a warning message is added to the pseudo-SU program in advance, such as “failure to obtain root authority” or “prohibit obtaining root authority”, etc., to remind the user that the root authority fails to be obtained, or to warn the user for the terminal.
  • the security of the internal data, prohibiting the acquisition of root privileges, and when a malicious application wants to obtain the root program, is used to prompt the user to prevent it.
  • an alert message or a warning message in the pseudo SU program is output.
  • the reminder message or the warning message may be output to the operation interface of the application, or the reminder message or the warning message may be directly outputted to the display interface of the terminal to remind the user.
  • the method for protecting the root authority in the embodiment by adding a reminder message or a warning message to the pseudo-SU program in advance, after receiving the pseudo-SU program by any application, outputting the reminder message or the warning message,
  • the user can be prompted to obtain the root failure after the terminal root, or the user is prompted to obtain the root permission for the security of the data in the terminal, thereby further protecting the data of the terminal after the root is in the terminal. Security.
  • FIG. 4 is a schematic diagram of a functional module of a device for protecting a root privilege according to a first embodiment of the present invention.
  • the device for protecting the root privilege is a part of the terminal, and the device 100 for protecting the root privilege include:
  • the module 10 is added for adding a pseudo environment variable in the operating system of the terminal in advance.
  • a pseudo environment variable to the operating system of the terminal in advance, and specifically, the terminal may be added before leaving the factory.
  • a pseudo environment variable "/security" is added to the operating system of the terminal before the terminal leaves the factory.
  • the environment variable generally refers to some parameters used in the operating system to specify the operating environment of the operating system, such as the temporary folder location and the system folder location.
  • An environment variable is an object with a specific name in the operating system that contains information that one or more applications will use.
  • the path environment variable in Windows and DOS operating systems when the system is required to run a program without telling the full path of the program, the system should look for the path specified in the path environment variable in addition to the current directory. To find. That is, environment variables are mainly used to specify a program software path, which contains strings such as drive, path or file name, and environment variables control the behavior of multiple programs, only administrators can add, modify or delete operations. System system environment variables.
  • adding module 10 is further configured to:
  • the pre-compiled pseudo-SU program is saved in the storage directory corresponding to the pseudo environment variable.
  • the pseudo-SU program is pre-compiled, and then stored in the storage directory corresponding to the pseudo environment variable, for example, in the storage directory "/security" corresponding to the pseudo environment variable.
  • the normal SU program can make a normal user switch to super user or other users, and can temporarily have the rights of the switched user, and any application can obtain root privileges by calling the SU program.
  • the pseudo-SU program described in this embodiment is an empty program file or a security program that does not include any rights, that is, the application cannot obtain any root authority by calling the pseudo-SU program described in this embodiment.
  • the obtaining module 20 is configured to acquire, after detecting the operating system root of the terminal, a read priority of the storage directory corresponding to the environment variable storing the SU program in the operating system.
  • the root root tool of the operating system stores the compiled SU program in a storage directory corresponding to the environment variable it establishes, for example, the compiled SU program is stored.
  • the storage directory "/system/bin” or “/system/xbin” corresponding to the environment variable it establishes.
  • the storage directory corresponding to the environment variable has a read priority, that is, any application needs to call the read priority of the storage directory corresponding to the environment variable when calling the program in the environment variable, so the implementation For example, after the operating system root of the terminal is detected, the read priority of the storage directory corresponding to the environment variable storing the SU program in the operating system is obtained.
  • the setting module 30 is configured to set a read priority of the storage directory corresponding to the pseudo environment variable according to the read priority of the storage directory corresponding to the environment variable, where the pseudo environment variable corresponds to the storage directory setting The read priority is higher than the read priority of the storage directory corresponding to the obtained environment variable.
  • any application can only invoke the priority.
  • the high pseudo environment variable corresponds to the pseudo-SU program in the storage directory, and the SU program in the storage directory corresponding to the lower-priority environment variable cannot be called, so that no root authority can be obtained.
  • the device for protecting the root privilege in the embodiment includes: adding a pseudo environment variable to the operating system of the terminal in advance, and after detecting the operating system root of the terminal, acquiring an environment variable corresponding to the SU program stored in the operating system
  • the read priority of the storage directory is set, and the read priority of the storage directory corresponding to the pseudo environment variable is set according to the read priority of the storage directory corresponding to the obtained environment variable, so that the pseudo environment variable is corresponding to the storage directory setting.
  • the read priority is higher than the read priority of the storage directory corresponding to the obtained environment variable.
  • a pseudo environment variable is added in the operating system of the terminal in advance, and the read priority of the storage directory corresponding to the pseudo environment variable is set to be higher than that of the storage directory corresponding to the environment variable of the SU program stored in the operating system after the root.
  • the priority is obtained, so that the application cannot call the stored SU program, and thus the root authority cannot be obtained.
  • the technical problem that the root authority of the terminal is completely exposed after the operating system root of the terminal in the prior art is solved, and the terminal is improved. The security of the internal data.
  • FIG. 5 is a schematic diagram of a functional module of a second embodiment of the apparatus for protecting the root privilege according to the embodiment of FIG. 4, in this embodiment, after the operating system root of the terminal
  • the device 100 for protecting the root authority further includes:
  • the calling module 40 is configured to send a pseudo-SU program corresponding to the storage directory to the application if the calling instruction for calling the SU program sent by any application is detected.
  • the root tool After the operating system root of the terminal, the root tool adds a compiled SU program to the operating system of the terminal, and then any application can obtain the root authority by calling the SU program.
  • the pseudo-environment variable for storing the pseudo-SU program in the embodiment corresponds to the read priority of the storage directory, and is higher than the storage directory corresponding to the environment variable for storing the SU program established by the root tool in the terminal operating system.
  • Read priority so after detecting the call instruction for calling the SU program sent by any application, only the pseudo-SU program corresponding to the higher priority pseudo environment variable can be called, that is, if any random detection is detected,
  • the application sends a call instruction for calling the SU program, and sends the pseudo-environment variable with a higher priority to the application in the storage directory corresponding to the pseudo-SU program.
  • the application can only extract the pseudo environment with higher priority.
  • the variable corresponds to the pseudo-SU program in the storage directory, and the SU program in the storage directory corresponding to the environment variable having the lower priority cannot be extracted.
  • the apparatus for protecting the root authority after detecting the call instruction for calling the SU program sent by any application after the operating system root of the terminal, the pseudo environment variable is corresponding to the storage directory.
  • the pseudo-SU program is sent to the application, so that the application cannot obtain the SU program established by the root tool, and thus cannot obtain any root authority, thereby realizing the purpose of effectively protecting the root authority after the operating system root of the terminal.
  • the adding module 10 is further configured to:
  • the SU program established by the root tool is extracted to obtain the root authority.
  • the pre-compiled pseudo-SU program is saved in the pseudo. After the storage directory corresponding to the environment variable, the file attribute of the pseudo-SU program is set to read-only, or the file attribute of the pseudo-SU program is set to be non-deletable.
  • the pseudo-SU program described in this embodiment may be a blank SU program, which does not include any command for invoking the root privilege, so any application cannot obtain any root privilege after obtaining the pseudo-SU program. of.
  • the device for protecting the root authority in the embodiment after saving the pre-compiled pseudo-SU program in the storage directory corresponding to the pseudo environment variable, setting the file attribute of the pseudo-SU program to read-only, or The file attribute of the pseudo SU program is set to be undeleteable.
  • setting the file attribute of the pseudo-SU program to read-only or non-deletable it is possible to effectively prevent the malware from extracting the SU program established by the root tool to obtain the root authority by modifying or deleting the pseudo-SU program.
  • the purpose of effectively protecting the root authority of the terminal after the operating system root of the terminal is implemented.
  • FIG. 6 is a schematic diagram of a functional module of a third embodiment of the apparatus for protecting the root privilege according to the embodiment of FIG. 4 and FIG. 5, in the embodiment, the protection of the root privilege
  • the device 100 also includes:
  • the reminding module 50 is configured to add a reminder message or a warning message to the pseudo SU program in advance. After receiving the pseudo SU program, the application may output the reminder message or the warning message to remind the user that the root authority fails to be obtained. .
  • a reminder message or a warning message is added to the pseudo-SU program in advance, such as “failure to obtain root authority” or “prohibit obtaining root authority”, etc., to remind the user that the root authority fails to be obtained, or to warn the user for the terminal.
  • the security of the internal data, prohibiting the acquisition of root privileges, and when a malicious application wants to obtain the root program, is used to prompt the user to prevent it.
  • an alert message or a warning message in the pseudo SU program is output.
  • the reminder message or the warning message may be output to the operation interface of the application, or the reminder message or the warning message may be directly outputted to the display interface of the terminal to remind the user.
  • the apparatus for protecting the root authority in the embodiment by adding a reminder message or a warning message to the pseudo SU program in advance, after receiving the pseudo SU program by any application, outputting the reminder message or the warning message.
  • the user can be prompted to obtain the root failure after the terminal root, or the user is prompted to obtain the root permission for the security of the data in the terminal, thereby further protecting the data of the terminal after the root is in the terminal. Security.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Automation & Control Theory (AREA)
  • Storage Device Security (AREA)

Abstract

L'invention concerne un procédé et un appareil de protection d'autorisation racine, faisant appel à : l'ajout préalable d'une variable de pseudo-environnement dans un système d'exploitation d'un terminal (S10); l'obtention d'une priorité de lecture d'un répertoire de mémorisation correspondant à une variable d'environnement pour mémoriser une procédure d'utilisateur de commutateur (SU) dans le système d'exploitation après la détection de la racine du système d'exploitation du terminal (S20); et la configuration d'une priorité de lecture d'un répertoire de mémorisation correspondant à la variable de pseudo-environnement conformément à la priorité de lecture obtenue du répertoire de mémorisation correspondant à la variable d'environnement, la priorité de lecture du répertoire de mémorisation configuré correspondant à la variable de pseudo-environnement étant supérieure à la priorité de lecture obtenue du répertoire de mémorisation correspondant à la variable d'environnement (S30). La présente invention résout le problème technique de l'état de la technique selon lequel l'autorisation racine d'un terminal est complètement exposée après la détection de la racine par le système d'exploitation du terminal et améliore la sécurité des données dans le terminal.
PCT/CN2016/112615 2016-11-17 2016-12-28 Procédé et appareil de protection d'autorisation racine WO2018090452A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201611027602.1 2016-11-17
CN201611027602.1A CN106503570B (zh) 2016-11-17 2016-11-17 保护Root权限的方法及装置

Publications (1)

Publication Number Publication Date
WO2018090452A1 true WO2018090452A1 (fr) 2018-05-24

Family

ID=58327324

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/112615 WO2018090452A1 (fr) 2016-11-17 2016-12-28 Procédé et appareil de protection d'autorisation racine

Country Status (2)

Country Link
CN (1) CN106503570B (fr)
WO (1) WO2018090452A1 (fr)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107220538A (zh) * 2017-06-27 2017-09-29 广东欧珀移动通信有限公司 支付类应用程序管理方法、装置及移动终端
CN111353149A (zh) * 2020-02-20 2020-06-30 广东天波信息技术股份有限公司 一种安卓系统的root权限实时检测方法及装置
US11803634B2 (en) 2021-02-25 2023-10-31 International Business Machines Corporation Secure preconfigured profile for role-based access control setup
CN115629772B (zh) * 2022-09-05 2023-09-19 摩尔线程智能科技(北京)有限责任公司 Kubernetes软件安装方法及装置、电子设备

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104134036A (zh) * 2014-07-26 2014-11-05 珠海市君天电子科技有限公司 一种获取Root权限的方法及装置
CN104376263A (zh) * 2014-12-09 2015-02-25 北京奇虎科技有限公司 应用程序行为拦截的方法和装置
US20150281206A1 (en) * 2012-12-20 2015-10-01 Tencent Technology (Shenzhen) Company Limited Method and Device for Implementing a Process Under a Superuser Privilege, and Mobile Terminal
CN105095742A (zh) * 2014-05-15 2015-11-25 宇龙计算机通信科技(深圳)有限公司 移动终端的root检测及恢复方法及移动终端
CN106529332A (zh) * 2016-10-25 2017-03-22 广东欧珀移动通信有限公司 一种移动终端的权限控制方法、装置及移动终端

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104572158B (zh) * 2013-10-29 2019-01-04 腾讯科技(深圳)有限公司 一种以超级用户身份运行应用程序方法及装置
CN103559431A (zh) * 2013-11-11 2014-02-05 北京国双科技有限公司 安卓系统用户权限的检测方法、装置和系统
CN104239786B (zh) * 2014-10-13 2017-08-04 北京奇虎科技有限公司 免root主动防御配置方法及装置
KR20160074832A (ko) * 2014-12-18 2016-06-29 주식회사 안랩 Elf 바이너리 분석을 통한 루팅 탐지 방법 및 장치
CN105045625B (zh) * 2015-07-17 2018-07-31 上海斐讯数据通信技术有限公司 一种Android平台下root权限管控方法
CN105468953A (zh) * 2015-12-01 2016-04-06 上海斐讯数据通信技术有限公司 安卓系统电子终端及其root权限获得方法及系统

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150281206A1 (en) * 2012-12-20 2015-10-01 Tencent Technology (Shenzhen) Company Limited Method and Device for Implementing a Process Under a Superuser Privilege, and Mobile Terminal
CN105095742A (zh) * 2014-05-15 2015-11-25 宇龙计算机通信科技(深圳)有限公司 移动终端的root检测及恢复方法及移动终端
CN104134036A (zh) * 2014-07-26 2014-11-05 珠海市君天电子科技有限公司 一种获取Root权限的方法及装置
CN104376263A (zh) * 2014-12-09 2015-02-25 北京奇虎科技有限公司 应用程序行为拦截的方法和装置
CN106529332A (zh) * 2016-10-25 2017-03-22 广东欧珀移动通信有限公司 一种移动终端的权限控制方法、装置及移动终端

Also Published As

Publication number Publication date
CN106503570B (zh) 2020-01-14
CN106503570A (zh) 2017-03-15

Similar Documents

Publication Publication Date Title
WO2018090452A1 (fr) Procédé et appareil de protection d'autorisation racine
WO2019227557A1 (fr) Procédé de gestion de clé, dispositif, support de stockage et appareil
WO2018098881A1 (fr) Procédé et dispositif de traitement d'accès pour application
WO2018028121A1 (fr) Procédé et dispositif de gestion de l'espace de stockage d'une partition de données
WO2017088664A1 (fr) Procédé et appareil de traitement de données destinés à un système de fichiers en grappes
WO2019051887A1 (fr) Procédé et dispositif permettant de commander un appareil ménager, et support d'informations lisible par ordinateur
WO2013079010A1 (fr) Procédé et dispositif de traitement d'exécution d'application
WO2017190450A1 (fr) Procédé et appareil de clôture de processus
WO2020224247A1 (fr) Procédé, appareil et dispositif de provenance de données basés sur la chaine de blocs, et support d'informations lisible
WO2017063366A1 (fr) Procédé et système de lancement d'une application
WO2013143341A1 (fr) Procédé et dispositif pour la mise à jour de données d'application d'un terminal mobile
WO2017041538A1 (fr) Procédé et dispositif d'affichage commandé par interface utilisateur de terminal
WO2015196960A1 (fr) Procédé et système de vérification de la sécurité d'une url pour un terminal mobile
WO2019205272A1 (fr) Procédé, dispositif et équipement de fourniture de service de machine virtuelle, et support d'informations lisible par ordinateur
WO2018053963A1 (fr) Procédé et appareil de mise à niveau d'un système de téléviseur intelligent
WO2017036204A1 (fr) Procédé et dispositif de positionnement de foyer pour une commutation d'application
WO2017118170A1 (fr) Procédé et système pour personnaliser un dispositif de lancement d'un terminal mobile
WO2017036208A1 (fr) Procédé et système pour extraire des informations dans une interface d'affichage
WO2018233369A1 (fr) Procédé d'écriture basé sur la copie sur écriture et dispositif de disque virtuel, et support de stockage
WO2012028079A1 (fr) Procédé et dispositif servant à importer les données de sauvegarde d'un terminal mobile
WO2016000582A1 (fr) Procédé et dispositif informatique pour effectuer une opération sur une cellule d'icône
WO2017166037A1 (fr) Dispositif et procédé de détection de falsification de données
WO2019085301A1 (fr) Procédé, appareil et dispositif de rétroaction d'appel manqué pour un téléphone fixe, et support de stockage lisible
WO2017215233A1 (fr) Procédé et système de commande d'interrupteur de terminal
CN111373315A (zh) 显示器自动调节亮度的方法、装置及存储介质

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16921487

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205 DATED 04/10/2019)

122 Ep: pct application non-entry in european phase

Ref document number: 16921487

Country of ref document: EP

Kind code of ref document: A1