個人積分:0分
文章編號:55380579
個人積分:56分
文章編號:55385032
黃金獵獵犬 wrote:
所以你在用Unix 的時候開關wifi 都要使用/dev or Root權限或輸入管理者的密碼才能開關?
...(恕刪)
這是求 科普文章嗎?
好吧~ 只好來抓個 htc 手機的 log
255|shell@mx:/dev $ netcfg
netcfg
dummy0 DOWN 0.0.0.0/0 0x00000082 xx:xx:xx:xx:xx:xx
wlan0 DOWN 0.0.0.0/0 0x00001002 xx:xx:xx:xx:xx:xx
tun0 UP 10.2.3.4/32 0x00000051 00:00:00:00:00:00
sit0 DOWN 0.0.0.0/0 0x00000080 00:00:00:00:00:00
p2p0 DOWN 0.0.0.0/0 0x00001002 xx:xx:xx:xx:xx:xx
lo UP 127.0.0.1/8 0x00000049 00:00:00:00:00:00
rmnet_usb0 DOWN 0.0.0.0/0 0x00000000 00:00:00:00:00:00
rmnet_usb3 DOWN 0.0.0.0/0 0x00000000 00:00:00:00:00:00
rmnet_usb1 DOWN 0.0.0.0/0 0x00000000 00:00:00:00:00:00
rmnet_usb2 DOWN 0.0.0.0/0 0x00000000 00:00:00:00:00:00
rmnet1 DOWN 0.0.0.0/0 0x00001002 xx:xx:xx:xx:xx:xx
rmnet0 DOWN 0.0.0.0/0 0x00001002 xx:xx:xx:xx:xx:xx
rmnet7 DOWN 0.0.0.0/0 0x00001002 xx:xx:xx:xx:xx:xx
rmnet5 DOWN 0.0.0.0/0 0x00001002 xx:xx:xx:xx:xx:xx
rmnet6 DOWN 0.0.0.0/0 0x00001002 xx:xx:xx:xx:xx:xx
rmnet4 DOWN 0.0.0.0/0 0x00001002 xx:xx:xx:xx:xx:xx
rmnet2 DOWN 0.0.0.0/0 0x00001002 xx:xx:xx:xx:xx:xx
rmnet3 DOWN 0.0.0.0/0 0x00001002 xx:xx:xx:xx:xx:xx
shell@mx:/dev $ netcfg wlan0 up
netcfg wlan0 up
action 'up' failed (Permission denied)
1|shell@mx:/dev $
還沒 su 之前 (以 root 身分執行), 不能開關 wifi , 權限不足
然而 UI 卻可以在還沒驗證密碼前, 以 root 身分去開關, 當然是 security issue
個人積分:56分
文章編號:55385141
song945 wrote:
說的一口好技術,不行動等於沒技術,
否則配上標題,還是司馬昭啊......(恕刪)
謝謝您幫忙蓋樓, 感激不盡. 僅回答您的疑問如下:
1. 您如何知道我有沒有反應過? 您是內部人? 不論如何, 請理性討論, 勿指向人身.
我是不 care 這些小地方, 但不想因為幾個人就被鎖文.
2. 目前反方意見, 我還沒看到特別建設性, 如果我有漏失什麼請指正
2-1. 反方原本主張這是 android 5.0 的特色 -> google 已經確認這是 bug 而且處理中
2-2. 反方再來說 google bug, 所以 htc 也沒辦法改 -> 前面已經說明 google 開放原始碼, htc 依此開發它自己的手機程式
2-3. 反方接著說 只要跟 htc 客服反應就好 -> 如果 htc 的問題與建議都只能導向客服, 都不能在討論區討論, 那麼這個討論區剩下什麼可以發文? 開箱文嗎 ?
個人積分:17140分
文章編號:55386840
個人積分:581分
文章編號:55387109
song945 wrote:
如果你覺得在這邊討...(恕刪)
我都已經有點不想理他了...有些用語根本SW RD根本不會這樣說
讓他自己慢慢圓吧~
或許他不懂debug usb permission 與 app的層級不一樣
有些東西從adb下command需要root or 777
app則是不用的...
有時卻是app要system permission
但是adb是不用的
說來說去還是沒有任何google官方證明的文件
對了用x86的思維去看Android是...
至少我遇到的都很悲劇就是
真的很神奇 Ubuntu, OS X, Windows 用訪客模式登入竟然可以開啟或關閉wifi 耶
哇!!!Ubuntu都出到14.4 OS X都出到10.10 windows 8.1 竟然都有這些致命的錯誤
哇!!手機那些快速設定開關在這些系統的訪客模式下竟然也可以開關,音量竟然可以調整真的是該死
wifi竟然可以開關,這麼大的Security issue,竟然連有線網路我也可以控制斷線連線這不可以原諒
挖~!~~手機接OTG去接usd disk 就算鎖定也會直接掛載怎麼辦!!從有android以來到5.1甚至10.1都會有
看來Android沒有Security 可言了
甚麼反方之類的就隨他講了吧...google擺明不理也可以扯這麼多
個人積分:581分
文章編號:55387626
Status: New
Owner: n...@google.com
Cc: n...@google.com, e...@google.com
Type-Defect
Priority-Small
ReportedBy-User
cc 的那兩位主要處理事務為
Android Open Source Project - Issue Tracker
為首要業務
詳細內容為
For information about the Issue Tracker for the Android Open Source Project, see Life of a Bug.
cc代表著請他們去追蹤這兩件事情由他們做第二關過濾
這時過濾後會交由相關的RD部門再由RD部門管理者下去指配
Reported by robhansen0, Nov 17, 2014
Status: New
用一個最新2015/04/16距離發文到現在已經一天來比對
Status: Assigned
Google對於 Issue status 定義
https://source.android.com/source/life-of-a-bug.html
New Issues 定義
New issues include bug reports that are not yet being acted upon. The two states are:
New: The bug report has not yet been triaged (that is, reviewed by an AOSP maintainer.)
NeedsInfo: The bug report has insufficient information to act upon. The person who reported the bug needs to provide additional detail before it can be triaged. If enough time passes and no new information is provided, the bug may be closed by default, as one of the No-Action states.
他們在論壇的流程
簡單來說就是有個管理員
不,應該說是一群管理員在輪班~
Owner:是在輪班的論壇管理員看到
然後再cc給有程式底子的相關人員判斷這是否是真的issue在分配給RD部門這時status就會由New 變成Assigned
以下是官方敘述
This bucket contains bugs that need action, but which are still unresolved, pending a change to the source code.
Unassigned: The bug report has been recognized as an adequately detailed report of a legitimate issue, but has not yet been assigned to an AOSP contributor to be fixed.
Assigned: Like Unassigned, but the bug has been actually assigned to a specific contributor to fix.
就像是昨天有人回應的issue
status就會由New 變成Assigned就已經被正式認為是issue並寫已經份配下去
由於回應的資料參差不齊,有些大部分在第一關就沒人理或者是到第二關也就是cc之後但是狀態status並未變成Assigned
上述有寫
If enough time passes and no new information is provided, the bug may be closed by default, as one of the No-Action states.
簡單來說超過一定的時間還是Status:New就是無回應就是...
個人積分:17140分
文章編號:55389693
個人積分:56分
文章編號:55390498
song945 wrote:
不用特意強調反方,
好像你是代表正義的一方,..(恕刪)
某種程度來說, 我的確看不慣, 這樣的網路霸凌
為何會蓋到第 10 樓?
從前面開始翻閱, 客觀的第三者都能發現, 一堆人對樓主冷嘲熱諷, 實際上這些人根本不見得懂得比別人多, 卻沒有一位真的站在客觀理性的角度去討論問題
不知道何時, 討論區變成這種風氣, 完全無法包納多元的想法. 照理說, 隨著資訊的開放、世界的零時差, 整個新觀念與視野應該更擴大才是.
回到主題, 從學理上來看, 這個議題其實很簡單:
兩種方案:
1. 不加額外設定 : 則有鎖 圖形密碼 或 PIN密碼 , 不可以下拉快捷控制
若只有簡單的滑動解鎖, 允許下拉快捷控制
2. 外加額外設定 : 如 apple 讓 user 可以授權是否鎖上 圖形密碼 或 PIN密碼 後,仍然可以下拉快捷控制
android 今天面臨的問題, 只是 apple走過的老路而已, 實際上也沒甚麼爭議的
個人積分:56分
文章編號:55390507
黃金獵獵犬 wrote:
Issue 79670: Lollipop Lockscreen Quick Settings Security Issue...(恕刪)
感謝您打了一大篇, 其實前面我已經說了, "不需要處理的 bug" 狀態會被設為 No-Action
根據 https://source.android.com/source/life-of-a-bug.html
這邊講解 bug 的生命週期, 關於最終狀態為 "不需要處理的 bug" 有這幾種: 1. 廣告 2. 無法重製 3. 原先刻意的設計 4. 沒有足夠的資訊 5. 使用者錯誤 6. 發錯版了
如果一切如您所言, 這 bug 會被設為 No-Action Issue, 原因則是 WorkingAsIntended
(以下摘錄)
No-Action Issues
This bucket contains bugs that have for one reason or another been determined to not require any action.
Spam: A kind soul sent us some delicious pork products, that we, regrettably, do not want.
Duplicate: There was already an identical report in the issue tracker. Any actual action will be reported on that report.
Unreproducible: An AOSP contributor attempted to reproduce the behavior described, and was unable to do so. This sometimes means that the bug is legitimate but simply rare or difficult to reproduce, and sometimes means that the bug was fixed in a later release.
Obsolete: Similar to Unreproducible, but with a reasonable certainty that the bug did exist in the reported version but was already fixed in a later release.
WorkingAsIntended: An AOSP maintainer has determined that the behavior described isn't a bug, but is the intended behavior. This state is also commonly referred to as "WAI".
Declined: This is like WorkingAsIntended, except typically used for feature requests instead of bugs. That is, an AOSP maintainer has determined that the request is not going to be implemented in Android.
NotEnoughInformation: The report didn't have enough information to be able to take any action.
UserError: The report was the result of a user making a mistake while using Android, e.g. typing a wrong password and therefore not being able to connect to a server.
WrongForum: The report cannot be handled in AOSP, typically because it is related to a customized device or to an external application.
Question: Someone mistook the issue tracker for a help forum.
個人積分:56分
文章編號:55390514
