What's the difference of /system/app/ and /system/priv-app in Kitkat?

What's the difference of /system/app/ and /system/priv-app in Kitkat? And which app should be put in /system/priv-app?

posted Dec 2, 2013 by Sumit Pokharna

1 Answer

Only apks in /system/priv-app can use "system"-level permissions. Prior to Kitkat, all apks on the system partition could use those permissions.

This change gives the manufacturer more control over access to sensitive permissions by bundled software.

answer Dec 2, 2013 by Deepankar Dubey
Thanks for the clarification.I just want to get more clarity on this,  when you say "system" -level permission. For ex: i have a system app in which i am enabling the gps directly by modifying settings db. Will this behavior get effected if I keep my apk in /system/app folder?
When you say "directly by modifying settings db" do you really mean you are opening the settings database via SQL yourself, independently of the OSs settings provider, or do you mean youre using the correct Settings API for making the change?  Nothing but the settings provider should ever write to its underlying data store.

Assuming you are talking about using the Settings API to write the Settings.Secure.LOCATION_MODE datum, the ability to do that is protected by the "android.permission.WRITE_SECURE_SETTINGS" permission, which is traditionally "signature or system" and in KK is "signature|system|development".  Its that specific use of "system" that I mean when I wrote "system"-level permission.

Your apk will *not* be granted the WRITE_SECURE_SETTINGS permission if it is bundled in /system/app.  As of KK, it is only eligible for "system" permissions if it is bundled in /system/priv-app.
