Im trying to Distinguish Btw PID in file auditing [ANDROID X64]
Here Is My C++ Executable Code
#include <iostream>
#include <fstream>
#include <sys/inotify.h>
#include <thread>
#include <unistd>
void FILER() {
std::this_thread::sleep_for(std::chrono::seconds(10));
std::ifstream file("/data/user/0/com.termux/files/home/ok.txt");
if (file.is_open()) {
std::string line;
while (std::getline(file, line)) {
std::cout << "File data: " << line << std::endl;
}
file.close();
}
}
int main() {
int fd = inotify_init();
int wd = inotify_add_watch(fd, "/data/user/0/com.termux/files/home/ok.txt", IN_OPEN | IN_ACCESS);
char buffer[4096];
ssize_t bytesRead;
std::thread printThread(FILER);
while (true) {
bytesRead = read(fd, buffer, sizeof(buffer));
struct inotify_event* event = (struct inotify_event*)buffer;
if (event->mask & IN_ACCESS) {
std::cout << "File accessed" << std::endl;
}
sleep(2);
}
printThread.join();
close(wd);
close(fd);
return 0;
}
As you can see, im checking the file is access or opened by this code and also opening the file after 10seconds from own process, but i cannot distinguish between opening the file from a file manager and opening the same file from own process
I just want to distinguish Between opening the file from other process and opening the file from same process
If inotify cant do that then any other method if possible except linux commands which dosent work in non root environment
Thanks