Check for apps trying to respond to Superuser requests when they're installed.

diff --git a/AndroidManifest.xml b/AndroidManifest.xml
index 16733e5..faca6a2 100644 (file)
--- a/AndroidManifest.xml
+++ b/AndroidManifest.xml
@@ -48,6 +48,12 @@
                 <data android:scheme="package" />
             </intent-filter>
         </receiver>
+        <receiver android:name="InstallReceiver">
+            <intent-filter>
+                <action android:name="android.intent.action.PACKAGE_ADDED" />
+                <data android:scheme="package" />
+            </intent-filter>
+        </receiver>
     </application>
 
     <uses-sdk android:targetSdkVersion="4" android:minSdkVersion="3"/>

diff --git a/res/values/strings.xml b/res/values/strings.xml
index 14c98fe..1b49ffb 100644 (file)
--- a/res/values/strings.xml
+++ b/res/values/strings.xml
@@ -22,6 +22,8 @@
     
     <string name="warning">Warning</string>
     <string name="malicious_app_found">Package %s was found to be requesting permission to respond to Superuser requests. It\'s likely that this app is malicious and attempting to grant superuser access without your knowledge. It\'s recommended that you uninstall it now.</string>
+    <string name="malicious_app_notification_ticker">Potentially malicious app detected</string>
+    <string name="malicious_app_notification_text">%s may be malicious.</string>
     <string name="uninstall">Uninstall</string>
     <string name="uninstall_successful">Uninstall finished</string>
     <string name="report_msg">Would you like to report this package to the developer of Superuser for investigation?</string>

diff --git a/src/com/noshufou/android/su/InstallReceiver.java b/src/com/noshufou/android/su/InstallReceiver.java
new file mode 100644 (file)
index 0000000..0b71d41
--- /dev/null
+++ b/src/com/noshufou/android/su/InstallReceiver.java
@@ -0,0 +1,45 @@
+package com.noshufou.android.su;
+
+import android.app.Notification;
+import android.app.NotificationManager;
+import android.app.PendingIntent;
+import android.content.BroadcastReceiver;
+import android.content.Context;
+import android.content.Intent;
+import android.content.pm.PackageManager;
+import android.content.pm.PackageManager.NameNotFoundException;
+import android.util.Log;
+
+public class InstallReceiver extends BroadcastReceiver {
+
+    @Override
+    public void onReceive(Context context, Intent intent) {
+        PackageManager pm = context.getPackageManager();
+        String packageName = intent.getDataString().split(":")[1];
+        Log.d("InstallReceiver", packageName);
+        
+        if (pm.checkPermission("com.noshufou.android.su.RESPOND", packageName) ==
+                PackageManager.PERMISSION_GRANTED) {
+            CharSequence appName = "";
+            try {
+                appName = pm.getApplicationLabel(pm.getApplicationInfo(packageName, 0));
+            } catch (NameNotFoundException e) {
+                e.printStackTrace();
+            }
+            NotificationManager nm = 
+                    (NotificationManager)context.getSystemService(Context.NOTIFICATION_SERVICE);
+            Notification notification = new Notification(R.drawable.stat_su,
+                    context.getString(R.string.malicious_app_notification_ticker),
+                    System.currentTimeMillis());
+            
+            CharSequence contentTitle = context.getString(R.string.app_name);
+            CharSequence contentText = context.getString(R.string.malicious_app_notification_text, appName);
+            Intent notificationIntent = new Intent(context, Su.class);
+            PendingIntent contentIntent = PendingIntent.getActivity(context, 0, notificationIntent, 0);
+            notification.setLatestEventInfo(context, contentTitle, contentText, contentIntent);
+            notification.flags |= Notification.FLAG_AUTO_CANCEL;
+            nm.notify(0, notification);
+        }
+    }
+
+}