I followed the rooting guide and rooted my new Nexus 4 phone. But when I looking for apps to install on a rooted phone, I stumbled upon a blog post that said that rooting is a huge security risk that allows any installed application to gain root privilege. Is this correct? Is there anything special that I must do to secure root access? I already have SuperSU (free) installed.
The simple answer is that you're already fairly secure with SuperSU or SuperUser. The reality is a bit more complicated though. SuperSU (and SuperUser) are designed to prompt you to provide access to any applications that request root. Any application that 1) does not request root access or 2) is denied root access by the user when prompted, will not have access to root privileges. In theory, I imagine an application could find some obscure exploit in the SuperSU code and get around the access blocking provided by SuperSU, but I think that is fairly unlikely and would be patched quickly after the exploit was found.
As long as you're careful about what you provide root access to (and only provide root access to apps that you think need root, not every app that you think you trust that asks for access) then you should be fine.
raptir said:
The simple answer is that you're already fairly secure with SuperSU or SuperUser. The reality is a bit more complicated though. SuperSU (and SuperUser) are designed to prompt you to provide access to any applications that request root. Any application that 1) does not request root access or 2) is denied root access by the user when prompted, will not have access to root privileges. In theory, I imagine an application could find some obscure exploit in the SuperSU code and get around the access blocking provided by SuperSU, but I think that is fairly unlikely and would be patched quickly after the exploit was found.
As long as you're careful about what you provide root access to (and only provide root access to apps that you think need root, not every app that you think you trust that asks for access) then you should be fine.
Click to expand...
Click to collapse
Thanks raptir. I have one more question. Now that I have rooted the phone, can I block the su binary and enable it only when I need to provide another application with root access? If I do that, will the already approved applications too loose root access?
You could completely unroot the phone which would require you to go through the rooting process again. You could also use a "temp unroot" option like Voodoo OTA Rootkeeper allows, but it wouldn't add anything to security since all it does is move the su binary, not disable it completely. A malicious app could still be written to move the binary back to the proper location.
JoyceBabu said:
Thanks raptir. I have one more question. Now that I have rooted the phone, can I block the su binary and enable it only when I need to provide another application with root access? If I do that, will the already approved applications too loose root access?
Click to expand...
Click to collapse
You can go into SuperSU or SuperUser app and remove "root" access to any apps you have granted "root" to.
baseballfanz said:
You can go into SuperSU or SuperUser app and remove "root" access to any apps you have granted "root" to.
Click to expand...
Click to collapse
Actually, my question was not that. I wanted to retain root access for the apps that I have already given. But no new app should be able to get root access, so that a malicious app will not exploit any security vulnerability of SuperSU as raptir mentioned.
JoyceBabu said:
Actually, my question was not that. I wanted to retain root access for the apps that I have already given. But no new app should be able to get root access, so that a malicious app will not exploit any security vulnerability of SuperSU as raptir mentioned.
Click to expand...
Click to collapse
Gotcha! Any new app will ask for root permission. You can deny them.
Yeah, I threw that part in about the potential for an app to circumvent the security just as a disclaimer. As far as I know it has never happened, and it may not even be possible.
Related
I rooted my phone with the G2 walkthrough in the forums. It had me install Superuser Permissions, which worked at first. Now when I try to use something that required root access it just tells me I do not have root access. When I open the super user program, it just sits at a blank black screen. When I open up a new app(like the 3 different screenshot apps I downloaded) the apps open and tell me I do not have root access. I do have root access because I can get Titanium Backup to run and it also requires root access. I cannot remove/uninstall Superuser Permissions to swap it with another working super user app.
I saw this article http://forum.xda-developers.com/showthread.php?t=682828
I tried to install that app from the market and it fails to install(I assume due to the fact that I already have a super user app running). That said I cannot remove the installed app(thats not working). In that article it says to open terminal and type a "remount" command that may be different for each phone. I tried the command that they suggested(for his Nexus) but it did not seem to work on my G2.
So what do I do? Does anyone know what command I need to run from terminal to complete those directions to get a functioning Superuser app working? Does anyone know how to fix the existing "Superuser Permissions" app? Any suggestions?
try a reboot
Sent from my HTC Vision using XDA App
I already have. The Superuser Permissions app still only comes up with a black screen. No options when I hit "menu" and it does continue to stay active after I back out to the home screen as it does show up in the Task Killer list. That said, I am not getting a pop up that asks if I want to give an app superuser access. The apps that I alraedy had given permissions to(like Titanium Backup) still work fine, but no new app that require SU access will work.
Any other suggestions.
derricks2 said:
I already have. The Superuser Permissions app still only comes up with a black screen. No options when I hit "menu" and it does continue to stay active after I back out to the home screen as it does show up in the Task Killer list. That said, I am not getting a pop up that asks if I want to give an app superuser access. The apps that I alraedy had given permissions to(like Titanium Backup) still work fine, but no new app that require SU access will work.
Any other suggestions.
Click to expand...
Click to collapse
Have you tried clearing data for the Superuser app? See if that resets it to a working state.
did you do a perma root or temp root? If you did the Temp root, then the reboot caused you to lose your root. You need to re temp root then do the perma root.
brfield said:
did you do a perma root or temp root? If you did the Temp root, then the reboot caused you to lose your root. You need to re temp root then do the perma root.
Click to expand...
Click to collapse
Its perm root. I still have the temp root app on the SD card(not installed) but its perm rooted.
ianmcquinn said:
Have you tried clearing data for the Superuser app? See if that resets it to a working state.
Click to expand...
Click to collapse
Well.. not only did that not work, it made it worse. Now my titanium backup(that I have accessed daily for weeks since I rooted my phone) tells me I am not rooted after I cleared the data from the super user program...
And...
Now when I go to terminal and type su I dont get the # anymore.. it says permission denied...
AND
I tried using Visionary for a temp root, and after it trys to temp root, I still cant access SU from terminal.
I have not updated my OS to my knowledge.
Any ideas?
Anyone have any insight into this??
At this point my phone basically isnt rooted anymore. I have even tried visionary and it seems to temp root but nothing works.. I can get SU in terminal etc....
Superuser Permissions is still installed but doesnt work.
I tried using Visionary to remove root. It says my phone doesnt appear to be rooted.
Soo at this point, my phone has none of the advantages of being rooted, yet it is technically rooted(because I cant re-root it the same way using visionary and terminal).
What can I do??
Try installing a new ROM if you already have clockwork installed.
How would I go about permarooting my device. You know. Root without superuser. Run at root level all the time. No bothersome apps. No prompts. Just full access. Anyone? A flashable zip would help.
Cheers in advance.
you5urf said:
How would I go about permarooting my device. You know. Root without superuser. Run at root level all the time. No bothersome apps. No prompts. Just full access. Anyone? A flashable zip would help.
Cheers in advance.
Click to expand...
Click to collapse
So just like SuperUser but in binary form?, that can be dangerous since you cannot deny any infected apps which will use SU to overwrite and brick your device also doing worse like wasting your credit, adding more bills to your credit card and much more horrific stuff so you should stay with the App.
Sent from my Nexus 4 using Tapatalk 4
you5urf said:
How would I go about permarooting my device. You know. Root without superuser. Run at root level all the time. No bothersome apps. No prompts. Just full access. Anyone? A flashable zip would help.
Cheers in advance.
Click to expand...
Click to collapse
You can just set the automatic response in the su app to be "allow", but be careful.
I f you really want not to be bothered by SU requests, disable the notifications and auto-allow every request. Very dangerous, though, as pointed out before
If I helped, hit the thanks button!
Nah. I want exactly what I mentioned in the title. I know how to turn toast off and auto grant access to all sudo requests. What I really want is a handler that by default grants access or a mod that stops me from needing a superuser app. An alternative would be a superuser app that can remember settings and permissions even after a wipe. Thanks
Really? There is no solution for this simple problem? How about a superuser that retains permission settings even after a wipe? Reason i ask is because some of my security apps have to be granted superuser access again after a wipe. This really defeats the purpose of the security application in my eyes.
you5urf said:
Really? There is no solution for this simple problem? How about a superuser that retains permission settings even after a wipe? Reason i ask is because some of my security apps have to be granted superuser access again after a wipe. This really defeats the purpose of the security application in my eyes.
Click to expand...
Click to collapse
Nothing you will do will get you what your looking for. This is a flaw in all security apps. A wipe/flash makes then useless. While I am sure it can be done but I have not seen anything here as it is not safe.
Wayne Tech Nexus
I've granted su/root access to some apps but want to revoke that now (per app - not globally). Usually there's an option/list to manage this (CM11 and earlier) but i cannot find that in CM12. Anyone know how to revoke su individually for once granted apps? Please note this question is about the built-in Superuser not Chainfires SuperSU.
Isn't there any Superuser option in the settings?
There needs to be something.
Root access is managed in Settings-Privacy-Privacy Guard in cm 12.
Hope it helps.
Yep, thanks. They could at least have given an info on the popups for that.
Hi everyone,
I'm having trouble getting root on my Oppo Find 5 ever since I switched to cROMs based on Android 4.4.x or higher.
Until 4.2.x Framaroot apk did the trick for me, but it doesn't seem to work on the newer versions anymore. Right now, I'm using MIUI v7 (Android 4.4.4) and I'm pretty happy with it, but I hate not having root and I can't find anything useful online. Most English threads are from way back where .zip downloads are down already and/or the info is terribly outdated.
Did anyone find a method to root their X909 on Android 4.4.x and above?
I would greatly appreciate any help.
Go to security app in MIUI and go to permissions => Root acces.
boertjeg said:
Go to security app in MIUI and go to permissions => Root acces.
Click to expand...
Click to collapse
It only says that no apps have root permission. Does MIUI have a built-in root access? The Security stuff seems to me like a root manager only, similar to SuperSU and Superuser.
I also downloaded Root Check for whatever it is worth and it says my device is not rooted.
edit: I just checked some other threads and apparently developer versions of MIUI have built-in root access. My X909 is currently running the ported ROM by wuxianlin000000 though. I'm not sure if it's supposed to have root as well.
I tried starting Titanium Backup in hopes of getting a root access request, but it just showed an info box that no root access could be acquired.
I'm running the same rom and I have root acces. Dont know how I enabled it but it wasn't anything I had to flash and pretty sure it was something in settings. Try checking security app root options again and grant root acces to the apps that are listed.
boertjeg said:
Go to security app in MIUI and go to permissions => Root acces.
Click to expand...
Click to collapse
boertjeg said:
I'm running the same rom and I have root acces. Dont know how I enabled it but it wasn't anything I had to flash and pretty sure it was something in settings. Try checking security app root options again and grant root acces to the apps that are listed.
Click to expand...
Click to collapse
I think I'm going to reinstall once again to see if it fixes anything (doesn't bother me that much since I wanted to try LVM installation anyway). Are prerooted cROMs the norm after 4.2.x? Else, I'd still really like to know a root method that works regardless of the ROM.
Short update:
I don't know why but MIUIs root worked when I checked again today. I don't know why, but beforehand there were no "requests" from apps shown under Security > Permissions > Root access. Today, however *something* (I really have no clue what) apparently changed and apps requesting root access are shown and I can grant them access.
So I don't want to upgrade to android 7, ever. At this point I hit "No Thanks" on the upgrade notice and then FC Motorola Update Services, but you need to do that every reboot. Kinda annoying
I want to just remove the Motorola Update Services app from my device but you need to be rooted. Is there a way to get temp su access in a terminal shell to remove the app without having to root?
If not, can someone provide a link to the guide to root Marshmellow? All I can find are a zillion guides to root Android 7, not 6
Thanks
Why won't you upgrade to 7? 6, at this point, is deprecated and insecure.
Anyways, to root MM just flash Magisk.
I wouldn't recommend staying on Marshmallow for whatever reason, but this should help you remove those apps without rooting your phone. Simple manner of how it works - it doesn't remove the app from your memory, but removes it for that particular user. Effectively, you won't save up on space, but the app will be gone.