Can Virus Rewrite Permissions?

Search This thread
By:
Advanced…
Irwenzhao

Irwenzhao

Senior Member
Nov 23, 2013
895
368
Singapore
derod said:
Can virus disguised in some apps rewrite permissions to allow them access to personal data?
Click to expand...
Click to collapse

Don't think they can unless they have root permissions, which the user have to allow/deny (unless the user sets the SuperSU to auto allow, which is stupid)

Smack that Thanks button if I helped!
XDAing from a N7105 powered by Illusion ROM.
Sent from a small country called Singapore.
P.S. Time for school, not much time for XDA :(
 
jcase

jcase

Retired Forum Mod / Senior Recognized Developer
Feb 20, 2010
6,308
15,761
Raleigh NC
derod said:
Can virus disguised in some apps rewrite permissions to allow them access to personal data?
Click to expand...
Click to collapse

Any application that can gain root privileges can "rewrite" permissions, or give apps permissions they were previously denied. Given if an app can escalate that far, they dont need more permissions.

Second option would be a silent install vulnerability, allowing another app to sideload a new one. Look at my LGInstallServices vulnerability as a prime example.

Irwenzhao said:
Don't think they can unless they have root permissions, which the user have to allow/deny (unless the user sets the SuperSU to auto allow, which is stupid)

Smack that Thanks button if I helped!
XDAing from a N7105 powered by Illusion ROM.
Sent from a small country called Singapore.
P.S. Time for school, not much time for XDA :(
Click to expand...
Click to collapse

This is incorrect, superuser/supersu would only impact applications using the associated su binary to gain root. it would have no impact on applications gaining root through another route.
 
  • Like
Reactions: Irwenzhao
Irwenzhao

Irwenzhao

Senior Member
Nov 23, 2013
895
368
Singapore
jcase said:
Any application that can gain root privileges can "rewrite" permissions, or give apps permissions they were previously denied. Given if an app can escalate that far, they dont need more permissions.

Second option would be a silent install vulnerability, allowing another app to sideload a new one. Look at my LGInstallServices vulnerability as a prime example.



This is incorrect, superuser/supersu would only impact applications using the associated su binary to gain root. it would have no impact on applications gaining root through another route.
Click to expand...
Click to collapse

Sorry for wrong information, and thanks @jcase for the right info.

Smack that Thanks button if I helped!
XDAing from a N7105 powered by Illusion ROM.
Sent from a small country called Singapore.
P.S. Time for school, not much time for XDA :(
 
derod

derod

Member
Jan 16, 2014
34
2
jcase said:
This is incorrect, superuser/supersu would only impact applications using the associated su binary to gain root. it would have no impact on applications gaining root through another route.
Click to expand...
Click to collapse

Youre saying that as long as youre rooted that apps wont be affected by virus?
 
jcase

jcase

Retired Forum Mod / Senior Recognized Developer
Feb 20, 2010
6,308
15,761
Raleigh NC
Irwenzhao said:
Sorry for wrong information, and thanks @jcase for the right info.

Smack that Thanks button if I helped!
XDAing from a N7105 powered by Illusion ROM.
Sent from a small country called Singapore.
P.S. Time for school, not much time for XDA :(
Click to expand...
Click to collapse


No worries man, if you see me with wrong info please call it out.
 
W

wk3054

New member
Jan 21, 2014
4
0
Are you sure that the app would need root? I don't need root with CM to change app-permissions.
 
You must log in or register to reply here.

Similar threads

QuynhLy
Netalpha Virus
Replies
6
Views
30K
M
M4175UR
D
[SOLVED]Bypass Google Account Protection after Factory Reset (Galaxy J3)
Replies
30
Views
275K
A
aswath1991
randywhorton
Anti virus / Malware / Firewall
Replies
76
Views
19K
C
cinnaC2C
Diablo67
  • Locked
Android Permissions & Security Explained
Replies
21
Views
19K
V
Villiska
doo_Z
Strange "zygote" process root permissions request
Replies
17
Views
17K
KernelCorn
KernelCorn

Top Liked Posts

24 Hours All time
  • There are no posts matching your filters.
  • 1
    derod
    derod
    Can virus disguised in some apps rewrite permissions to allow them access to personal data?
    View
    1
    jcase
    jcase
    derod said:
    Can virus disguised in some apps rewrite permissions to allow them access to personal data?
    Click to expand...
    Click to collapse

    Any application that can gain root privileges can "rewrite" permissions, or give apps permissions they were previously denied. Given if an app can escalate that far, they dont need more permissions.

    Second option would be a silent install vulnerability, allowing another app to sideload a new one. Look at my LGInstallServices vulnerability as a prime example.

    Irwenzhao said:
    Don't think they can unless they have root permissions, which the user have to allow/deny (unless the user sets the SuperSU to auto allow, which is stupid)

    Smack that Thanks button if I helped!
    XDAing from a N7105 powered by Illusion ROM.
    Sent from a small country called Singapore.
    P.S. Time for school, not much time for XDA :(
    Click to expand...
    Click to collapse

    This is incorrect, superuser/supersu would only impact applications using the associated su binary to gain root. it would have no impact on applications gaining root through another route.
    View

New posts