android - Installing an APK using pm command

Question

I tried updating an APK using this code:

Process process;
process = Runtime.getRuntime().exec(new String[] {"su", "-c", "pm install -r -d"+MyApk.apk});

but it does not work.

This works well when I use it with adb like:

adb shell su -c pm install -r -d /system/app/Community-debug.apk

It also works fine if it has to ask for user permission in order to install like using the intent method.

Answer 1

Your application would need to run as System user to access this level of commands. It cannot be done in any way if your app is distributed using standard channels, e.g. Google Play, installing from SD card, or installing by ADB. None of these would let your app breach the security.

Having said that, there is a way to get it working, but that way is for privileged distribution only. Your app must:

• include android:sharedUserId="android.uid.system" in the AndroidManifest
• be signed with the certificate which is used to sign the rest of the system
• be pre-installed in one of the privileged locations: /system/app, /system/priv-app

Once your app satisfies these requirements, it can execute commands like pm install, even without the su

Needless to say that such options are only available to large bodies like telecom providers who sell their own-branded devices.