Nous utiliserons:
Cherchons le chemin de l'application Word
$ pm list packages -f | grep word | sort | sed 's/package://' /system/priv-app/Word_SamsungStub/Word_SamsungStub.apk=com.microsoft.office.wordAvec aapt explorons
$ /data/local/tmp/aapt-arm-pie d permissions /system/priv-app/Word_SamsungStub/Word_SamsungStub.apk package: com.microsoft.office.word permission: com.microsoft.office.word.permission.CONTENT_WRITE uses-permission: name='android.permission.WRITE_EXTERNAL_STORAGE' uses-permission: name='android.permission.INTERNET' uses-permission: name='android.permission.ACCESS_NETWORK_STATE' uses-permission: name='android.permission.GET_ACCOUNTS' uses-permission: name='android.permission.MANAGE_ACCOUNTS' uses-permission: name='android.permission.AUTHENTICATE_ACCOUNTS' uses-permission: name='android.permission.USE_CREDENTIALS' uses-permission: name='android.permission.ACCESS_WIFI_STATE' uses-permission: name='android.permission.READ_USER_DICTIONARY' uses-permission: name='android.permission.WRITE_USER_DICTIONARY' uses-permission: name='android.permission.WAKE_LOCK' uses-permission: name='android.permission.RECEIVE_BOOT_COMPLETED' uses-permission: name='com.android.alarm.permission.SET_ALARM' a/local/tmp/aapt-arm-pie d permissions /system/priv-app/Word_SamsungStub/Word_SamsungStub.apkAvec appops
$ cmd appops get com.microsoft.office.word READ_EXTERNAL_STORAGE: allow; time=+26m42s911ms ago WRITE_EXTERNAL_STORAGE: allow; time=+26m42s911ms ago RUN_IN_BACKGROUND: ignore; time=+7h41m45s554ms ago; rejectTime=+26m42s788ms agoEt enfin avec dumpsys
$ dumpsys package com.microsoft.office.word | sed -n '/requested permissions/,/User 0/p' requested permissions: android.permission.WRITE_EXTERNAL_STORAGE android.permission.INTERNET android.permission.ACCESS_NETWORK_STATE android.permission.GET_ACCOUNTS android.permission.MANAGE_ACCOUNTS android.permission.AUTHENTICATE_ACCOUNTS android.permission.USE_CREDENTIALS android.permission.ACCESS_WIFI_STATE android.permission.READ_USER_DICTIONARY android.permission.WRITE_USER_DICTIONARY android.permission.WAKE_LOCK android.permission.RECEIVE_BOOT_COMPLETED com.android.alarm.permission.SET_ALARM android.permission.READ_EXTERNAL_STORAGE install permissions: android.permission.USE_CREDENTIALS: granted=true android.permission.MANAGE_ACCOUNTS: granted=true android.permission.SYSTEM_ALERT_WINDOW: granted=true android.permission.WRITE_SYNC_SETTINGS: granted=true android.permission.RECEIVE_BOOT_COMPLETED: granted=true com.android.alarm.permission.SET_ALARM: granted=true android.permission.AUTHENTICATE_ACCOUNTS: granted=true android.permission.INTERNET: granted=true com.microsoft.office.onenote.permission.CONTENT_READ: granted=true android.permission.ACCESS_NETWORK_STATE: granted=true android.permission.WRITE_USER_DICTIONARY: granted=true android.permission.READ_USER_DICTIONARY: granted=true android.permission.ACCESS_WIFI_STATE: granted=true com.android.launcher.permission.INSTALL_SHORTCUT: granted=true android.permission.WAKE_LOCK: granted=true User 0: ceDataInode=262342 installed=true hidden=false suspended=false stopped=false notLaunched=false enabled=0Oui mais pour lister les packages qui autorisent une permission ? Scriptons:
# la permission voulue permission="READ_SMS: granted=true" # pour chaque package remonté alphabétiquement (sort) par pm list packages # sed pour garder nom package for app in $(pm list packages | sort | sed 's/package://;s/\.apk.*$/\.apk/') do # $tmp récupère le retour de dumpsys package # 2> redirige STDERR vers /dev/null # grep 1ère (-m1) occurence (READ_SMS: granted=true) # et sed pour nettoyer fin de chaîne (true.*$) tmp="$(dumpsys package "$app" 2> /dev/null | grep -m1 "$permission" | sed 's/true.*$/true/')" # si $tmp non vide if [ ! -z "$tmp" ] then # printons printf "|%s|%s|\n" "$(printf "%s" "$app")" "$(printf "%s" "$tmp")" fi done # En inline for app in $(pm list packages | sort | sed 's/package://;s/\.apk.*$/\.apk/') ; do tmp="$(dumpsys package "$app" 2> /dev/null | grep -m1 "$permission" | sed 's/true.*$/true/')" ; if [ ! -z "$tmp" ]; then printf "|%s|%s|\n" "$(printf "%s" "$app")" "$(printf "%s" "$tmp")" ; fi ; doneCe qui donnera:
Package | Concerné |
---|---|
android | android.permission.READ_SMS: granted=true |
com.android.bluetooth | android.permission.READ_SMS: granted=true |
com.android.calllogbackup | android.permission.READ_SMS: granted=true |
com.android.contacts | android.permission.READ_SMS: granted=true |
com.android.inputdevices | android.permission.READ_SMS: granted=true |
com.android.keychain | android.permission.READ_SMS: granted=true |
com.android.location.fused | android.permission.READ_SMS: granted=true |
com.android.mms.service | android.permission.READ_SMS: granted=true |
com.android.phone | android.permission.READ_SMS: granted=true |
com.android.providers.blockednumber | android.permission.READ_SMS: granted=true |
com.android.providers.contacts | android.permission.READ_SMS: granted=true |
com.android.providers.settings | android.permission.READ_SMS: granted=true |
com.android.providers.telephony | android.permission.READ_SMS: granted=true |
com.android.providers.userdictionary | android.permission.READ_SMS: granted=true |
com.android.server.telecom | android.permission.READ_SMS: granted=true |
com.android.settings | android.permission.READ_SMS: granted=true |
com.android.stk | android.permission.READ_SMS: granted=true |
com.android.stk2 | android.permission.READ_SMS: granted=true |
com.android.systemui | android.permission.READ_SMS: granted=true |
com.android.wallpaperbackup | android.permission.READ_SMS: granted=true |
com.dsi.ant.server | android.permission.READ_SMS: granted=true |
com.mobeam.barcodeService | android.permission.READ_SMS: granted=true |
com.samsung.SMT | android.permission.READ_SMS: granted=true |
com.samsung.aasaservice | android.permission.READ_SMS: granted=true |
com.samsung.android.MtpApplication | android.permission.READ_SMS: granted=true |
com.samsung.android.SettingsReceiver | android.permission.READ_SMS: granted=true |
com.samsung.android.app.accesscontrol | android.permission.READ_SMS: granted=true |
com.samsung.android.app.advsounddetector | android.permission.READ_SMS: granted=true |
com.samsung.android.app.aodservice | android.permission.READ_SMS: granted=true |
com.samsung.android.app.appupdater | android.permission.READ_SMS: granted=true |
com.samsung.android.app.assistantmenu | android.permission.READ_SMS: granted=true |
com.samsung.android.app.colorblind | android.permission.READ_SMS: granted=true |
com.samsung.android.app.filterinstaller | android.permission.READ_SMS: granted=true |
com.samsung.android.app.scrollcapture | android.permission.READ_SMS: granted=true |
com.samsung.android.authservice | android.permission.READ_SMS: granted=true |
com.samsung.android.clipboarduiservice | android.permission.READ_SMS: granted=true |
com.samsung.android.communicationservice | android.permission.READ_SMS: granted=true |
com.samsung.android.contacts | android.permission.READ_SMS: granted=true |
com.samsung.android.coreapps | android.permission.READ_SMS: granted=true |
com.samsung.android.dlp.service | android.permission.READ_SMS: granted=true |
com.samsung.android.fingerprint.service | android.permission.READ_SMS: granted=true |
com.samsung.android.fmm | android.permission.READ_SMS: granted=true |
com.samsung.android.hmt.vrsvc | android.permission.READ_SMS: granted=true |
com.samsung.android.incallui | android.permission.READ_SMS: granted=true |
com.samsung.android.lool | android.permission.READ_SMS: granted=true |
com.samsung.android.messaging | android.permission.READ_SMS: granted=true |
com.samsung.android.mhdrservice | android.permission.READ_SMS: granted=true |
com.samsung.android.personalpage.service | android.permission.READ_SMS: granted=true |
com.samsung.android.quickassist | android.permission.READ_SMS: granted=true |
com.samsung.android.securitylogagent | android.permission.READ_SMS: granted=true |
com.samsung.android.sm | android.permission.READ_SMS: granted=true |
com.samsung.android.sm.provider | android.permission.READ_SMS: granted=true |
com.samsung.android.svcagent | android.permission.READ_SMS: granted=true |
com.samsung.android.themecenter | android.permission.READ_SMS: granted=true |
com.samsung.android.universalswitch | android.permission.READ_SMS: granted=true |
com.samsung.android.voicewakeup | android.permission.READ_SMS: granted=true |
com.samsung.clipboardsaveservice | android.permission.READ_SMS: granted=true |
com.samsung.crane | android.permission.READ_SMS: granted=true |
com.samsung.sec.android.application.csc | android.permission.READ_SMS: granted=true |
com.samsung.ucs.agent.boot | android.permission.READ_SMS: granted=true |
com.sec.android.AutoPreconfig | android.permission.READ_SMS: granted=true |
com.sec.android.Preconfig | android.permission.READ_SMS: granted=true |
com.sec.android.RilServiceModeApp | android.permission.READ_SMS: granted=true |
com.sec.android.app.DataCreate | android.permission.READ_SMS: granted=true |
com.sec.android.app.SecSetupWizard | android.permission.READ_SMS: granted=true |
com.sec.android.app.apex | android.permission.READ_SMS: granted=true |
com.sec.android.app.bluetoothtest | android.permission.READ_SMS: granted=true |
com.sec.android.app.camera.plb | android.permission.READ_SMS: granted=true |
com.sec.android.app.factorykeystring | android.permission.READ_SMS: granted=true |
com.sec.android.app.hwmoduletest | android.permission.READ_SMS: granted=true |
com.sec.android.app.parser | android.permission.READ_SMS: granted=true |
com.sec.android.app.personalization | android.permission.READ_SMS: granted=true |
com.sec.android.app.safetyassurance | android.permission.READ_SMS: granted=true |
com.sec.android.app.servicemodeapp | android.permission.READ_SMS: granted=true |
com.sec.android.app.simsettingmgr | android.permission.READ_SMS: granted=true |
com.sec.android.app.sysscope | android.permission.READ_SMS: granted=true |
com.sec.android.app.wfdbroker | android.permission.READ_SMS: granted=true |
com.sec.android.app.wlantest | android.permission.READ_SMS: granted=true |
com.sec.android.cover.ledcover | android.permission.READ_SMS: granted=true |
com.sec.android.diagmonagent | android.permission.READ_SMS: granted=true |
com.sec.android.easyonehand | android.permission.READ_SMS: granted=true |
com.sec.android.emergencylauncher | android.permission.READ_SMS: granted=true |
com.sec.android.emergencymode.service | android.permission.READ_SMS: granted=true |
com.sec.android.gallery3d | android.permission.READ_SMS: granted=true |
com.sec.android.omc | android.permission.READ_SMS: granted=true |
com.sec.android.preloadinstaller | android.permission.READ_SMS: granted=true |
com.sec.android.providers.security | android.permission.READ_SMS: granted=true |
com.sec.android.uibcvirtualsoftkey | android.permission.READ_SMS: granted=true |
com.sec.android.wallpapercropper2 | android.permission.READ_SMS: granted=true |
com.sec.app.RilErrorNotifier | android.permission.READ_SMS: granted=true |
com.sec.automation | android.permission.READ_SMS: granted=true |
com.sec.bcservice | android.permission.READ_SMS: granted=true |
com.sec.enterprise.mdm.services.simpin | android.permission.READ_SMS: granted=true |
com.sec.epdg | android.permission.READ_SMS: granted=true |
com.sec.factory | android.permission.READ_SMS: granted=true |
com.sec.factory.camera | android.permission.READ_SMS: granted=true |
com.sec.ims | android.permission.READ_SMS: granted=true |
com.sec.imslogger | android.permission.READ_SMS: granted=true |
com.sec.imsservice | android.permission.READ_SMS: granted=true |
com.sec.modem.settings | android.permission.READ_SMS: granted=true |
com.sec.phone | android.permission.READ_SMS: granted=true |
com.sec.sve | android.permission.READ_SMS: granted=true |
com.sec.usbsettings | android.permission.READ_SMS: granted=true |
com.sem.factoryapp | android.permission.READ_SMS: granted=true |
com.wssnps | android.permission.READ_SMS: granted=true |
com.wssyncmldm | android.permission.READ_SMS: granted=true |
Ici nous tapons sur l'ensemble des packages, pour filtrer par user utiliser pm list packages -3, possible d'intercaler un grep regex aussi.