确定 Android 设备是否以编程方式植根?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/3424195/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Determining if an Android device is rooted programmatically?
提问by Pentium10
Possible Duplicate:
Determine if running on a rooted device
可能的重复:
确定是否在有根设备上运行
How do you determine (programmatically) if an Android device is: rooted Running a cracked copy of your software or rom.
您如何(以编程方式)确定 Android 设备是否为: root 运行您的软件或 rom 的破解副本。
I have some sensitive information in my database, and I would like to encrypt it when the phone is rooted aka the user has access to the database. How do I detect that?
我的数据库中有一些敏感信息,我想在手机扎根时对其进行加密,即用户有权访问数据库。我如何检测?
采纳答案by peceps
Rooting detection is a cat and mouse game and it is hard to make rooting detection that will work on all devices for all cases.
生根检测是一个猫捉老鼠的游戏,很难使生根检测适用于所有情况下的所有设备。
See Android Root Beerhttps://github.com/scottyab/rootbeerfor advanced root detection which also uses JNI and native CPP code compiled into .so native library.
请参阅Android Root Beer https://github.com/scottyab/rootbeer以获取高级根检测,它也使用 JNI 和编译成 .so 本机库的本机 CPP 代码。
If you need some simple and basicrooting detection check the code below:
如果您需要一些简单和基本的生根检测,请检查以下代码:
/**
* Checks if the device is rooted.
*
* @return <code>true</code> if the device is rooted, <code>false</code> otherwise.
*/
public static boolean isRooted() {
// get from build info
String buildTags = android.os.Build.TAGS;
if (buildTags != null && buildTags.contains("test-keys")) {
return true;
}
// check if /system/app/Superuser.apk is present
try {
File file = new File("/system/app/Superuser.apk");
if (file.exists()) {
return true;
}
} catch (Exception e1) {
// ignore
}
// try executing commands
return canExecuteCommand("/system/xbin/which su")
|| canExecuteCommand("/system/bin/which su") || canExecuteCommand("which su");
}
// executes a command on the system
private static boolean canExecuteCommand(String command) {
boolean executedSuccesfully;
try {
Runtime.getRuntime().exec(command);
executedSuccesfully = true;
} catch (Exception e) {
executedSuccesfully = false;
}
return executedSuccesfully;
}
Probably not always correct. Tested on ~10 devices in 2014.
可能并不总是正确的。2014 年在大约 10 台设备上进行了测试。
回答by oli
If the information is sensitive you should probably just encrypt it for all users. Otherwise a user could install your app unrooted, then root and read your database once the data's been written.
如果信息是敏感的,您可能应该为所有用户加密它。否则,用户可以无根安装您的应用程序,然后在写入数据后根并读取您的数据库。
回答by Christian
The official licensing guidesays:
在官方许可指南说:
A limitation of the legacy copy-protection mechanism on Android Market is that applications using it can be installed only on compatible devices that provide a secure internal storage environment. For example, a copy-protected application cannot be downloaded from Market to a device that provides root access, and the application cannot be installed to a device's SD card.
Android Market 上传统复制保护机制的一个限制是使用它的应用程序只能安装在提供安全内部存储环境的兼容设备上。例如,受版权保护的应用程序无法从 Market 下载到提供 root 访问权限的设备,并且该应用程序无法安装到设备的 SD 卡。
It seems that you would benefit from using that legacy cop-protection to prevent your application from being installed on rooted devices.
使用传统的 cop-protection 来防止您的应用程序安装在有根设备上似乎会让您受益。
You might release a separate version that can be installed on rooted devices with an encrypted database.
您可能会发布一个单独的版本,该版本可以安装在具有加密数据库的 root 设备上。
