3

我正在尝试实现一个用例,在该用例中,在安装应用程序时,所有打印服务都将在 Android 设备上被禁用。

为了实现这一点,我研究了 Android 的设备管理API 功能,但这并不能满足用例。我还研究了 Google 的Android for Work框架并得出以下观察结果/可能的解决方案 -

  1. 通过设置托管配置文件(工作配置文件):这是从 Android 5.0 引入的,但只能管理列表/企业控制,并且无法控制以下链接中提到的其他应用程序 -
  2. 通过编写设备策略控制器 (DPC) 应用程序:为了实现特定的用例,DPC 必须作为设备所有者运行,在这种情况下,需要通过 NFC 完成配置,而且并不简单。此外,此方案通常适用于公司拥有的一次性 (COSU) 设备。

所以我的问题/疑问是 -

  1. 有什么直接的方法可以实现这个用例吗?
  2. 这是否可以实现,因为它违反了 Android 安全模型?
4

1 回答 1

0

  1. You should write your custom DPC. Right now you can do provisioning using several methods. If you have devices which use Android 7 and above you can use QR code provisioning which is quite convenient. For this purpose you can upload your dpc apk to a remote server and write information about the server, application DeviceAdminReceiver and apk checksum to QR code (you can take this QR code as example).

    You can check to google awesome project TestDPC which will give your deep understanding of what is DPC and how can you use it.

    You can read more about provisioning methods in android documentation. Also if you can contact the manufacturer of devices you can ask him to preinstall your custom dpc.

  2. It is achievable and doesn't violate Android Security model because during provisioning your dpc app it get Device Owner (root). So you can do anything without any restrictions. Here you can check device owner API and possibilities. Also take a look at TestDPC source code and you will understand that nothing is impossible with Device owner mode :)

于 2019-02-08T08:06:51.023 回答