Search code examples
androidbinaryfilesdirectory-structuredynamic-linking

How to create a symbolic link with short fullpath?

I am editing paths on some binaries short of recompiling them.

I want to replace /lib/ld-linux-armhf.so.3, which I cannot create, by a path of same length, that I can create without rooting the phone. It should be something of the same length because I am editing binaries. I have chosen the path /data/data/com.clk/.so.3, after the different possibilities listed below. What I'm trying to do is create /data/data/com.clk/.so.3, which should be a symbolic link to /data/data/com.spartacusrex.spartacuside/gentoo_armv6l/lib/ld-linux-armhf.so.3

I initially used /proc/5781/cwd/rmhf.so.3, but this is not readable by other applications (which are other linux accounts).

I then tried /data/.tmp, but it is specific to my phone, and not documented according to @ChrisStratton. Same about /data/logcat_log.

/sdcard is excluded because fuse options rw,nosuid,nodev,relatime,user_id=1015,group_id=1015,default_permissions,allow_other restrict links and exectuables and /lib/ld-linux-armhf.so.3 is to be executed.

Does anyone know how else I can accomplish this?

Solution

  • I finally stumbled on a apk, AIDE, that can create simple apk, which does not need any x86 computer and works on the phone itself. Without paying anything, in twenty minutes, I created my first apk, and was able to install it after temporarily authorizating unknown sources. That was my first java program. I chose a short albeit informative name for the apk, com.symli (com. seemed necessary).

    Then I modified the tab MainActivity.java of the editor to get:

    package com.symli;

import android.app.*;
import android.os.*;

public class MainActivity extends Activity 
{
  @Override
  protected void onCreate(Bundle savedInstanceState)
  {
    try
    {
      Runtime.getRuntime().exec("ln -s /data/data/com.termux/com.symli /data/data/com.symli/n");
      Runtime.getRuntime().exec("chmod 1777 /data/data/com.symli");
    } catch (java.io.IOException e) {
    }
    super.onCreate(savedInstanceState);
    setContentView(R.layout.main);
  }
}

    Then I simply clicked on the "run" button, and BOOM the symlink is now here for good, and /data/data/com.symli is itself a world writable directory (with sticky bit set):

    lrwxrwxrwx 1 10150 10150 50 Nov  3 13:17 /data/data/com.symli/n -> /data/data/com.termux/com.symli
drwxrwxrwt 4 10150 10150 4096 Nov  3  2015 /data/data/com.symli

    I have uploaded the resulting .apk to http://sf.net/projects/gentooandroid/files/symlinksForStackoverflowQuestion20459834v2.apk/download (permissions: NONE ! SHA256sum: 01fd17a8700f2cb5b5bb943b38b623b1400679fa03c35ccb204619d1d5d486ff MD5sum: 879af0633504ab25462a1f9b2303587e)