Can someone access private directories on rooted phones?
https://stackoverflow.com/questions/12428962
-
02-07-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
Can someone access the database files and/or other files of my app stores in the system's private directories?
I think this can be done on rooted phones, but I am not sure.
I am trying to figure out how secure is to store some sensitive data into database and some other files in private directories.
Solution
Yes. Anyone with a rooted device can access the internal storage of any app. Even other third party apps can access it, so the user isn't the only threat. Possible solutions are to use encryption, and pre defined key pair values systems. For example, if your app has in app currency, instead of storing the raw currency number, you store a number based on an equation. Like number = ((currency *2)+1)/10 where number is what you store in the storage, and currency is the user's currency. That way, unless someone knows the inner algorithms of your app, they can't easily modify it to their benefit.
OTHER TIPS
Some apps can, but user should explicitly give root preveleges to them.
