标签:
在分析monkey源码的时候有些背景知识没有搞清楚,比如在看到monkey是使用windowmanager的injectKeyEvent方法注入事件的时候,心里就打了个疙瘩,这种方式不是只能在当前应用中注入事件吗?Google了下发现了国外一个大牛有留下蛛丝马迹描述这个问题,特意摘录下来并做相应部分的翻译,其他部分大家喜欢就看下,我就不翻译了。
Behind the scenes, Monkey uses several private interfaces to communicate with three essential system services:
Monkey sends random events to any application you choose. In order to ensure that this doesn’t cause a security hole, Android uses several techniques to ensure that only monkey can send events, and only when the phone’s user is asking it to. Monkey随机的往不同的的app发送随机事件。为了防止这种行为导致android自家的安全漏洞出来,android使用了几个技术来保证只有monkey可以,且在改手机设备用户允许的情况下才可以,往不同的app发送事件。 Firstly, Monkey itself can only be run by root, or by someone in the “shell” Unix group. Normally, only “adb shell” runs as the “shell group”. This means that the only way to run monkey is to do so through “adb shell”. 首先,monkey本身只能一是被root运行,二是被属于shell这个组的成员运行。而正常来说,只有”adb shell“是在shell这个组下运行的。这就意味着运行monkey的唯一方法就是通过‘adb shell’了。 Secondly, the Monkey application, which is mostly written in Java, asks for two special manifest permissions. The first, SET_ACTIVITY_WATCHER, allows Monkey to take control of the activity life-cycle. The second, INJECT_EVENTS, allows Monkey to simulate touches and key presses. Importantly, no normal Android application can request these permissions — they are only granted to applications supplied with the Android system. So there is little danger of a rogue APK taking control of an Android device using Monkey. 其次,monkey这个android自身提供的应用,大部分是用android的native语言java来编写的,它会向系统请求两个特背的manifest权限。第一个就是SET_ACTIVITY_WATCHER这个权限,它允许monkey对activity的生命周期进行全权控制。第二个就是INJECT_EVENTS这个权限它允许monkey去模拟触摸和按键事件。重要的是,正常的安卓app是不能请求到这些权限的--只有android系统同意的应用才会得到允许获得这些权限(译者注:其实就是需要android系统的AOSP系统签名。monkey是android自己维护编写的工具,当然是允许了) 以下是本人摘录的INJECT_EVENTS这个manifest选项的官方解析: INJECT_EVENTS:Allows an application to inject user events (keys, touch, trackball) into the event stream and deliver them to ANY window. Monkey events What is an event? In Android, events are sent in response to user input, or due to system events, such as power management. Monkey supports quite a few event types, but only three of them are of interest for automated testing:
作者 | 自主博客 | 微信服务号及扫描码 | CSDN |
天地会珠海分舵 | http://techgogogo.com | 服务号:TechGoGoGo扫描码: | http://blog.csdn.net/zhubaitian |
Monkey源码分析番外篇之WindowManager注入事件如何跳出进程间安全限制
标签:
原文地址:http://www.cnblogs.com/techgogogo/p/4284821.html