CrystalJake CrystalJake - 3 months ago 9
Android Question

what 's difference between android system user and linux root user

When I connect my phone to computer,then I use "adb shell" command to communicate with my phone and input ps command to output processes info that currently run on my phone,I find two special users,one is root,the other is system,as far as I know,android based on linux,so root user is the bigest authority user,but I confuse with system user,maybe I can consider it as a normal user in linux system,But it is special in Android,it has a lot of permissions related to android,so Can someone tell me the real different between root user and system user,and why android need to add a system user?thanks:)

Answer

As far as Linux is concerned, the system user is just a regular user (UID 1000). Android services however give it special permissions and you can get access to pretty much anything. Most services have code like this somewhere:

private static final void enforceSystemOrRoot(String message) {
    final int uid = Binder.getCallingUid();
    if (uid != Process.SYSTEM_UID && uid != 0) {
        throw new SecurityException(message);
    }
}

What that does is deny access to anyone who is not root or system. The shell user (UID 2000) (what you get when doing adb shell) is another user with a lot of power (member of many groups). Cf.

system:

 $ su 1000
 $ id
 uid=1000(system) gid=1000(system)
 groups=1003(graphics),1004(input),1007(log),1009(mount),
 1011(adb),1015(sdcard_rw),1028(sdcard_r),3001(net_bt_admin),
 3002(net_bt),3003(inet),3006(net_bw_stats)

shell:

$ adb shell
shell@android:/ $ id
uid=2000(shell) gid=2000(shell)   
groups=1003(graphics),1004(input),1007(log),1009(mount),
1011(adb),1015(sdcard_rw),1028(sdcard_r),3001(net_bt_admin),
3002(net_bt),3003(inet),3006(net_bw_stats)

Android uses a separate user for every app, and system services also have their dedicated users (media, radio, wifi, etc.). Very few things run as root (mostly native daemons).