I'm trying to write an Android SYSTEM app that extracts the Wifi password from the supplicant configuration file (/data/misc/wifi/wpa_supplicant.conf).

Using adb with root permissions, I can read the file without any problem and see the password in plain text.

However, when I try to open the file programatically I get EACCES (Permission denied) error. That happens even though my app is running as 'system' user (I define android:sharedUserId="android.uid.system" in the manifest), the app is signed with the system private key and pushed into /system/app.

I know for a fact that it can be done using system permissions, because in Android's source code, in frameworks/base/wifi/java/android/net/wifi/WifiConfigStore.java there's a code that reads this file. This code runs under the 'system_server' process, which is using the 'system' user, just like my app.

My code to open the file that fails:

reader = new BufferedReader(new FileReader(SUPPLICANT_CONFIG_FILE));

If both apps run with the 'system' user and have system permissions, how come system_server can read this file and my app fails? What am I missing?

Please do not suggest solutions that rely on root access, since it's irrelevant in my case. I need a solution that is based on system permissions only, not root.