How does the Android interface work Unix permission wise?

Question

I'd like to know how the backend/permissions work for Android(I'm using v4.1.2 on a s3 mini).



On android, I'm capable of running GUI applications which have different UID/GID-s on the system as seen in ps/top output.



On a linux desktop, all applications you run as your user, unless you use sudo/su to run software as someone else.



So how does android run GUI apps without throwing up permission denied errors and asking for password from the start?



I've looked around on search results and haven't found anyone discussing this.


Just One More Question | Sources

Answer

Android uses (or abuses, depending on your point of view) the Unix user and permissions system for something other than separating different people on the same computer. Instead, it uses them to isolate apps from each other. Each installed package (app) has its own Unix user ID created. The files belonging to that app are owned by that Unix user, and can't be accessed by other Unix users. When an app is started, the zygote process (which is like GNU's init) ensures that it switches to the correct Unix user before running any of the app's code. That way, apps can't read or write files owned by other apps. If they try to do so, they'll get the kind of "permission denied" errors you're asking about.



The GUI really has nothing to do with filesystem permissions, because it's not a file on the filesystem. Only the Android system itself can write to the framebuffer directly: all apps go through Surface Flinger, the GUI compositor, to present their GUIs to be drawn on the screen. This doesn't go through the Unix permission system at all.


Dan Hulme | Sources

Q & A

Does rooting erase?
Clockworkmod doesn't find the update files
Nexus won't boot after update
Set Warranty Bit: Kernel
Allow instant boot after phone with empty battery is connected to power
"Check Your Connection And Try Again" repeated toasts
If I rarely turn off my phone, are there any benefits to encryption still?
Bypass Pattern lock without minimum or no touch of mobile
How to make Google Chrome definitely remain as the desktop version?
What is SELinux and its purpose?
How to turn off screen of android with terminal emulator?
Google now - retraining the voice model
S5 G901f 4G+ on Android 6 is slow to switch tower
Would google apps for a lower android version work for the higher one?
When do I need to enter my password once I encrypted my phone?
"Vendor image does not match the system" message at boot
Using macbook USB charger for android tablets and phones
Platform Certificate
how do you stop the battery animation, which appears when the phone is turned off and the cable is connected or d disconnected?
Storage Space Running Out?

Topics

2D Engines   3D Engines   9-Patch   Action Bars   Activities   ADB   Advertisements   Analytics   Animations   ANR   AOP   API   APK   APT   Architecture   Audio   Autocomplete   Background Processing   Backward Compatibility   Badges   Bar Codes   Benchmarking   Bitmaps   Bluetooth   Blur Effects   Bread Crumbs   BRMS   Browser Extensions   Build Systems   Bundles   Buttons   Caching   Camera   Canvas   Cards   Carousels   Changelog   Checkboxes   Cloud Storages   Color Analysis   Color Pickers   Colors   Comet/Push   Compass Sensors   Conferences   Content Providers   Continuous Integration   Crash Reports   Credit Cards   Credits   CSV   Curl/Flip   Data Binding   Data Generators   Data Structures   Database   Database Browsers   Date &   Debugging   Decompilers   Deep Links   Dependency Injections   Design   Design Patterns   Dex   Dialogs   Distributed Computing   Distribution Platforms   Download Managers   Drawables   Emoji   Emulators   EPUB   Equalizers &   Event Buses   Exception Handling   Face Recognition   Feedback &   File System   File/Directory   Fingerprint   Floating Action   Fonts   Forms   Fragments   FRP   FSM   Functional Programming   Gamepads   Games   Geocaching   Gestures   GIF   Glow Pad   Gradle Plugins   Graphics   Grid Views   Highlighting   HTML   HTTP Mocking   Icons   IDE   IDE Plugins   Image Croppers   Image Loaders   Image Pickers   Image Processing   Image Views   Instrumentation   Intents   Job Schedulers   JSON   Keyboard   Kotlin   Layouts   Library Demos   List View   List Views   Localization   Location   Lock Patterns   Logcat   Logging   Mails   Maps   Markdown   Mathematics   Maven Plugins   MBaaS   Media   Menus   Messaging   MIME   Mobile Web   Native Image   Navigation   NDK   Networking   NFC   NoSQL   Number Pickers   OAuth   Object Mocking   OCR Engines   OpenGL   ORM   Other Pickers   Parallax List   Parcelables   Particle Systems   Password Inputs   PDF   Permissions   Physics Engines   Platforms   Plugin Frameworks   Preferences   Progress Indicators   ProGuard   Properties   Protocol Buffer   Pull To   Purchases   Push/Pull   QR Codes   Quick Return   Radio Buttons   Range Bars   Ratings   Recycler Views   Resources   REST   Ripple Effects   RSS   Screenshots   Scripting   Scroll Views   SDK   Search Inputs   Security   Sensors   Services   Showcase Views   Signatures   Sliding Panels   Snackbars   SOAP   Social Networks   Spannable   Spinners   Splash Screens   SSH   Static Analysis   Status Bars   Styling   SVG   System   Tags   Task Managers   TDD &   Template Engines   Testing   Testing Tools   Text Formatting   Text Views   Text Watchers   Text-to   Toasts   Toolkits For   Tools   Tooltips   Trainings   TV   Twitter   Updaters   USB   User Stories   Utils   Validation   Video   View Adapters   View Pagers   Views   Watch Face   Wearable Data   Wearables   Weather   Web Tools   Web Views   WebRTC   WebSockets   Wheel Widgets   Wi-Fi   Widgets   Windows   Wizards   XML   XMPP   YAML   ZIP Codes