Hi! I am not rooted and used secure folder extensively. But on Oreo, if I click on fields the host keyboard pops up and every input is recognized so not safe. I also can't change input method within Secure Folder. Is this caused by Oreo and usual? Others who have or don't have this problem on Oreo?
I have the same problem, and it appeared right after Oreo update
Same here. Even the keyboards clipboard (swiftkey keyboard) is shared between secure folder and host system. Though swiftkey is not even installed in secure folder. The shared clipboard is a real Security breach in secure folder / knox. Secure folder is just an Alibi if such a thing is possible then knox is not what it claims to be.
Related
as xposed for nougat is already arrived officially many modules are not working
there is either File Based Encryption in data partition or by wiping data partition from twrp removes it
anybody able to read shared_prefs either with FBE or without it successfully so that it works properly,if that so please let us know how so that other module developers can fix their modules as well
the issue is that you can not read Preferences like used to before
HTML:
pref = new XSharedPreferences(BuildConfig.APPLICATION_ID);
so any values saved in shared_prefs can not be read by xposed at the moment on nougat atleast on galaxy s7 930F
i am looking for workaround,i tried putting prefs in /data/here it works but not so stable
This seems to work OK for me:
https://developer.android.com/refer...xt.html#createDeviceProtectedStorageContext()
https://developer.android.com/refer...renceManager.html#setStorageDeviceProtected()
I adjusted one of my modules to use Device Protected Storage and it seems to initialize preferences fine on FBE devices.
i need tester for this
because i am unable to boot if i flash magisk or supersu without formating data partition ,so i format /data partition and rooted which eventually remove encryption from /data partition so unable to test
i saw your commit but would be fine if i got tested with encrypted /data partition to test
C3C076 said:
This seems to work OK for me:
https://developer.android.com/refer...xt.html#createDeviceProtectedStorageContext()
https://developer.android.com/refer...renceManager.html#setStorageDeviceProtected()
I adjusted one of my modules to use Device Protected Storage and it seems to initialize preferences fine on FBE devices.
Click to expand...
Click to collapse
I have the same issue. To fix it, actually, we don't need to touch device protected storage. But we do need to set up the package folder permission and the preference file permission.
I set the folder to 711, and the file to 644. Then the preference works well. XSharedPreference.makeWorldReadable should set the file permission. And you may need to set up the folder permission manually with setExecutable(true, false).
guangyu.zhou said:
I have the same issue. To fix it, actually, we don't need to touch device protected storage. But we do need to set up the package folder permission and the preference file permission.
I set the folder to 711, and the file to 644. Then the preference works well. XSharedPreference.makeWorldReadable should set the file permission. And you may need to set up the folder permission manually with setExecutable(true, false).
Click to expand...
Click to collapse
The thing is OS automatically changes permissions of preference files back and removes readable flags. This happens when preferences are committed to the filesystem.
To work around this I had to implement a solution that tracks those changes and adjusts permissions as necessary.
https://github.com/GravityBox/Gravi...o/nougat/gravitybox/SettingsManager.java#L371
https://github.com/GravityBox/Gravi...ougat/gravitybox/WorldReadablePrefs.java#L157
C3C076 said:
The thing is OS automatically changes permissions of preference files back and removes readable flags. This happens when preferences are committed to the filesystem.
To work around this I had to implement a solution that tracks those changes and adjusts permissions as necessary.
https://github.com/GravityBox/Gravi...o/nougat/gravitybox/SettingsManager.java#L371
https://github.com/GravityBox/Gravi...ougat/gravitybox/WorldReadablePrefs.java#L157
Click to expand...
Click to collapse
Yeah, you're right. So we need to proactively set it readable to work around it.
By the way, Gravity Box is a great project. It helps me a lot on the exposed development.
Hello, Can i help me.
Android 7.1.1 (Nougat) can not be used XSharedPreference can not read the contents of the file,How to solve this problem?Thank you
I've been trying to read Magisk modules documentation and I've made a few personal modules to replace/add files, but how to remove files?
For instance, what do I need to do in a module to remove some system app like it was never installed?
Use this:
https://github.com/topjohnwu/Magisk/blob/master/docs/tips.md#remove-folders
It'll be like all files in the target folder is deleted.
@Didgeridoohan That's it, thanks. How do I mark your answer as accepted?
Thank you.
With all the respect to topjohnwu, the linked answer is not 100% precise. If you replace system files with the empty copies, their functionality will be disabled of course, but their existence in the system will still be detectable, though the files cannot be considered as "really deleted". I can personally think of at least few scenarios when the above makes difference.
For example, there is a popular issue with Netflix not working at all on many devices with tampered boot partition (and tampering boot partition is unfortunately
required when installing any systemless root solution like Magisk...) due to the fact that the HD playback DRM library located at /system/lib/liboemcrypto.so (or /vendor/lib/liboemcrypto.so) cannot access DRM keys located in Trusted Zone and fails to do its decoding job. The popular solution is to delete the liboemcrypto.so from the system, then device shall stop trying to play HD content via non-functional HD DRM engine and it shall switch to SD DRM mode which is not dependent on hardware decoding. In result, Netflix will start to work (in SD only mode, though, but it's more than nothing...).
In above scenario, replacing liboemcrypto.so with empty file with the same name will not work. That's because Android assumes that the HD DRM is available basing only on the liboemcrypto.so existence, without checking its content or size.
My own solution when making a Magisk Module which aims to delete some file is to override that file with its copy (and its content does not really matter, it might be 1:1 copy of original as well as 0 bytes empty file...) and additionally: to set its permissions to 000 - it can be easily achieved by editing the permissions part of module's config.sh when creating a module. After installing and enabling such a module, the subject file will still exist, but it won't be seen by the system and apps at all, as the 000 permissions make it absolutely forbidden to interact with the file at all, in any way, by any user (including "system") except root.
In the summary: approach proposed above should guarantee not only that the selected files functionality will be disabled but also that the system and third party user apps shall consider that files as totally non-existent, which i find a real equivalent of deleting the file.
I'm not sure I understood everything you said but the solution above works for my use case. For instance, I have this on my module:
Code:
REPLACE="
/system/priv-app/InCallUI
"
And after enabling my module and rebooting the device, browsing to /system/priv-app/InCallUI/, there's only one file there, ".replace". The .apk from that app is not available/visible anywhere. Launchers to do not detect this app, apps which list installed apps (user or system) do not show this "removed" app.
For all intents and purposes, it works for what I personally want to achieve.
Good day,
I recently discovered malware in the root directory under the / prism folder that installed an app called Yandex into my system and contained various hidden APKs. (and files with .sogou at the end).
These manipulated my internet browser in some way and I was only able to remove them by flashing the stock rom.
Now I get the message from TWRP that the partition / prism could not be mounted. Even so, everything seems to be working fine on the device.
Now there is no more content in the / prism directory. What is usually stored there and what is its purpose?
Do I have to rework something?
I can't find an explanation anywhere else on the Internet ...
Thank you and best regards
According to https://github.com/PrismLibrary/Prism
Prism provides an implementation of a collection of design patterns that are helpful in writing well-structured and maintainable XAML applications, including MVVM, dependency injection, commands, EventAggregator, and others.
Click to expand...
Click to collapse
In short Prism is a framework to build applications which in turn it's built on top of another framework called Xamarin (XAML for Android).
As of why it's in the root directory I suspect is part of AppCloud, Samsung's system app, that basically does remote installation of apks.
If it is correlated to AppCloud (Big IF) then:
If you are rooted and on stock OS and have that app enabled it's not far fetched to think that there is an exploit for it out there and basically anyone could remote install any APK through root privileges and the backdoor that AppCloud system app gives the.
It's could be as easy as editing a file from within the malicious app which could change the behaviour and URL from which it fetches the needed apks. Whereas installing apks from within the malicious app needs explicit OS permissions (which AppCloud has).
I too had apps installed post-upgrade by the AppCloud system app, but I don't have root to analyse this further so all the above are just speculations based on the two things you said and my previous observations.
In the end you could have contracted the malware in a million different ways. That's how it goes with root access on OS and careless root management.
I have to admit that I was too careless with root privileges and experimented with little knowledge.
Hope that helps others to deal with it more intensively beforehand.
Your explanation helped me, the problem is a bit more serious, it is probably about corrupt security certificates in the system that are administered from outside
In this case, is it even possible to reset or delete the CA certificates? I guess I fell into a spoofing trap.
Maybe flash the stick rom again through Odin?
Is that embarrassing: D
Sorry for the graveyard post but I don't see any other threads about this.
Prism is the name of the NSA surveillance program. I guess that this is exactly that.
It's hidden because you can only see that it exists with root and most people don't have root.
I have this folder too on my rooted Galaxy Fold 4. It was already in the stock ROM and I cannot remove it because the directory is mounted as read only.
If found the mounts file (which is also read-only) and it says:
Code:
/dev/block/platform/soc/1d84000.ufshc/by-name/prism /prism ext4 ro,seclabel,relatime,i_version 0 0
I tried to give me the permission to write / delete the folder but "permission denied" ... and yes I did that as root.
Nexariuss said:
Sorry for the graveyard post but I don't see any other threads about this.
Prism is the name of the NSA surveillance program. I guess that this is exactly that.
It's hidden because you can only see that it exists with root and most people don't have root.
I have this folder too on my rooted Galaxy Fold 4. It was already in the stock ROM and I cannot remove it because the directory is mounted as read only.
If found the mounts file (which is also read-only) and it says:
Code:
/dev/block/platform/soc/1d84000.ufshc/by-name/prism /prism ext4 ro,seclabel,relatime,i_version 0 0
I tried to give me the permission to write / delete the folder but "permission denied" ... and yes I did that as root.
Click to expand...
Click to collapse
did you ever find anymore about this? ive found it on two of my phones. both samsung. cant find much online about it...
hey, i'm not sure what happened so i'm not sure if it will last, but i managed to use the samsung secure folder on my twrp/magisk rooted Android 10 A20, and i am using right now. I looked a lot on how to do this and the most famous alternative was the smali patcher module, I followed the procedures in windows and created the magisk module, but after installing it didn't work, so I ended up finding this other module (General PATCHs for Samsung) and installed it too, and tried it every way open the secure folder, but it didn't work either, the unofficial OS error always appeared on the screen, and there were many times, like 30...but an hour took a lot longer to create the secure folder and it gave an error too, I found it strange and tried more times then after several attempts it appeared again, and this time when creating the secure folder I exited the app, it closed by itself, but I noticed that the secure folder option in the notification bar had activated, but no icon appeared, so I searched in the finder and opened it, put an password and puff, there was the secure folder. I hope it helps someone, because a read a lot about how impossible are to do this, i dont know how work, maybe Knox realized how stubborn I am and decided to release the secure folder for me
Also, sorry for the bad english
can you give me download link?
Hi,
i have problems with file access under latest android 11 rooted firmware. I want to connect through ftp and want to backup files from internal storage and sdcard but with primitive ftpd and rooted access i can not see content in /storage/emulated/0 for me its empty :-(.
I have problems with a tasker task to move files from internal to external storage after the firmware update.
Is there any way to get access again with ftp for the full file system with root?
best regards,
Thomas
Hello,
I just want to know if it was a temporary problem or it's the same on Android 12 too ?
If not, how did you fix this problem please ?
Thank you
the problems exists still on the latest Android 12 version on S10e so still no solution yet :-(
My guess is that this isn't a problem with Android, but that your FTPd service doesn't have root access. If it doesn't have root access, it can't see the folder. If it's not "root aware" it won't be able to ask for root access either. That's my guess.
I'm not familiar with "primitive ftpd" so I don't know if it has this capability, maybe it does.
In the past, for remote access, I have used some file explorer apps that have root capability... those allowed me to remote into the phone. But that was a long time ago - these days I just connect from my phone to the network drive instead, and push files that way (instead of "pulling" from a remote server). This is safer since you aren't leaving an open FTP socket on the phone, which is a bad idea from a security standpoint.
till the last december update (this was an update i made maybe after about one year without updates) all access was fine and since then every access is impossible, its not only ftp, its tasker shell with root access too, worked before fine and now its horrible,
Samsung seems to break some folders, you can access the external sd card with /storage/emulated/[idforsdcard]/ but if you go one level up the folder /storage/emulated/ ist empty and does not show any subfolder, same if you are in /storage/emulated/0/Android and enter the data subfolder samsung takes you to /data
it is so strange what samsung does i don't understand
Thank you very much for your answer
Sorry for this ridiculous question, but even a factory reset can't help you regain access to all your folders ?
Precisely, I also see that Samsung is restricting its phones more and more so that we can't use many functions of our phones as before
I'm currently on Android 10, but with all that I hear, I'm afraid of Android 11 and Android 12
i have fresh installed VC6 Firmware (Android 12 March Update) with factory reset and all access problems still the same, so its the "scoped storage" feature and maybe some samsung addons what leads to this problems
if you want full access to your phone then Android 11 & 12 makes it hard to get and some apps are not optimized for this new scoped storage
FWIW, I have a non-rooted, pure stock phone. I can use FX to go to /storage/emulated/0 and see everything properly. I'm on A11, Snapdragon, S10+.
This implies your app is not being allowed to see the storage. This seems to confirm that it's an app issue - ie, the FTPd may not be able to deal with the new structures on A11/A12. As you noted, it might be this "Scoped Storage" feature... which the app is not able to work with?