09-11-2012 10:52 AM
I'm not sure what you're referring to with "this is not the way QNX works". If you mean QNX outside of the BlackBerry devices, would you say that QNX even has "apps" in those environments?
Anyway, I may be mixing up the ownership of files with the uid/gid that the processes run with, if that's possible. (I didn't think it was.)
I just ran my Battery Guru app on the Dev Alpha and exported the data to CSV.
It creates a folder in shared/documents called BatteryGuru:
drwxrws--- 2 100361000 1000_shared 4096 Sep 11 10:43 BatteryGuru
The contents look like this:
-rw-rw---- 1 100361000 1000_shared 4689463 Sep 11 10:43 export-20120502T132138-20120911T104237.csv
If you look at the installation folder you'll see this:
drwxr-x--- 4 apps 10036 4096 Jul 20 00:42 /apps/ca.engenuity.PowerMon.gYABgAwVSbFH.WUGdVx81i
As you can see, the app assets are group-owned by 10036, which is a unique id that was created for this app when it was installed on this device. The export folder shows that it creates files with a uid formed by basically concatenating the unique group id with "1000", but taken as an integer. (gid * 10000 + 1000, in effect).
Does any of that really describe what the actual app's uid/gid are when it runs? I thought it did, but if you say no, I'll believe it. I know there's a security manager of some sort involved, which could probably affect how much of this works relative to generic posix...
09-11-2012 11:49 AM
you mean every app is ran with different uid and gid??? This is not the way QNX works....
I keep forgetting that here every app is 'sandboxed'. Indeed looks like every application has the same uid=apps and its own gid=10036 (in case of Battery Guru). Otherwise your BG would not be able to write to your app data folder, I suppose it has apps:10036 ownership?
And every folder in shared has drwxrws--- root:1000_shared which means every process can write from/read to any folder in 'shared'.
I have one more question though... On my device I have:
$ ls -l /accounts/1000/appdata/
drwxr-x--- 5 apps 10035 4096 Sep 10 15:38 com.BGmot.BGshellPlus.gYABgFqtoyu3utwrBAQFwGgvBN0
drwxr-x--- 5 apps 10034 4096 Sep 09 16:41 com.ursinepaw.runincrowd.gYABgCyJQ4g0dIUE6nIx3vtN_
What will prevent BGshellPluss app from writing into /accounts/1000/appdata/com.ursinepaw.runincrowd.gY
09-11-2012 11:58 AM
09-11-2012 12:18 PM
Oops, well, with a signed app you may have a bit of trouble checking those permissions and owners. ;-)
Unless you integrate it into the app you won't have much luck, and looking at an unsigned app may give a misleading picture as the apps all run with uid "devuser".
I just installed the original BlackBerry-Py demo from the downloads folder (bbxpython-demo-0.0.2.11.bar) which is a signed app that also happens to allow connecting via telnet to the Python interpreter running in the context of the app.
Here's some useful info:
Python 3.2.2 (default, Feb 18 2012, 09:30:15) [GCC 4.4.2] on qnx6 (MyConsole) >>> import os >>> os.getuid() 102601000 >>> os.getgid() 10260
That matches what I've been saying... plus the extra groups they have for access to the shared folders.
09-11-2012 12:27 PM
Right, I missed 'data' at the end of appdata/com.ursinepaw.runincrowd.gYABgCyJQ4g0dIUE6nIx3vtN_ig/data as an actual appdata folder.
Now everything makes sense.
09-11-2012 06:04 PM
I have basic understanding of Unix. I haven't been an avid user and fan but I have used it a little for at least 15 years (mostly Linux). So I believe I understand the basic concepts.
I have tried everything that I know of, including changing the ownership (chown), but I all get is error message: "operation not permitted".
If you check on crackberry.com forums. Other users have this problem too and their only resolution was to do a security wipe of the device. So if I could make a tool to delete such rouge files, that would be nice.
I've just tried to delete everything above "accounts/1000/shared/video" and was deleted all but these files.
09-11-2012 06:21 PM