I want to ditch superuser because of security reasons. Is there a way to use a firewall wothout superuser rights?
Check NetGuard - no root Firewall on the play store.
Oh thank you I don't know why I didn't see that on f-droid.org.
Related
I followed the rooting guide and rooted my new Nexus 4 phone. But when I looking for apps to install on a rooted phone, I stumbled upon a blog post that said that rooting is a huge security risk that allows any installed application to gain root privilege. Is this correct? Is there anything special that I must do to secure root access? I already have SuperSU (free) installed.
The simple answer is that you're already fairly secure with SuperSU or SuperUser. The reality is a bit more complicated though. SuperSU (and SuperUser) are designed to prompt you to provide access to any applications that request root. Any application that 1) does not request root access or 2) is denied root access by the user when prompted, will not have access to root privileges. In theory, I imagine an application could find some obscure exploit in the SuperSU code and get around the access blocking provided by SuperSU, but I think that is fairly unlikely and would be patched quickly after the exploit was found.
As long as you're careful about what you provide root access to (and only provide root access to apps that you think need root, not every app that you think you trust that asks for access) then you should be fine.
raptir said:
The simple answer is that you're already fairly secure with SuperSU or SuperUser. The reality is a bit more complicated though. SuperSU (and SuperUser) are designed to prompt you to provide access to any applications that request root. Any application that 1) does not request root access or 2) is denied root access by the user when prompted, will not have access to root privileges. In theory, I imagine an application could find some obscure exploit in the SuperSU code and get around the access blocking provided by SuperSU, but I think that is fairly unlikely and would be patched quickly after the exploit was found.
As long as you're careful about what you provide root access to (and only provide root access to apps that you think need root, not every app that you think you trust that asks for access) then you should be fine.
Click to expand...
Click to collapse
Thanks raptir. I have one more question. Now that I have rooted the phone, can I block the su binary and enable it only when I need to provide another application with root access? If I do that, will the already approved applications too loose root access?
You could completely unroot the phone which would require you to go through the rooting process again. You could also use a "temp unroot" option like Voodoo OTA Rootkeeper allows, but it wouldn't add anything to security since all it does is move the su binary, not disable it completely. A malicious app could still be written to move the binary back to the proper location.
JoyceBabu said:
Thanks raptir. I have one more question. Now that I have rooted the phone, can I block the su binary and enable it only when I need to provide another application with root access? If I do that, will the already approved applications too loose root access?
Click to expand...
Click to collapse
You can go into SuperSU or SuperUser app and remove "root" access to any apps you have granted "root" to.
baseballfanz said:
You can go into SuperSU or SuperUser app and remove "root" access to any apps you have granted "root" to.
Click to expand...
Click to collapse
Actually, my question was not that. I wanted to retain root access for the apps that I have already given. But no new app should be able to get root access, so that a malicious app will not exploit any security vulnerability of SuperSU as raptir mentioned.
JoyceBabu said:
Actually, my question was not that. I wanted to retain root access for the apps that I have already given. But no new app should be able to get root access, so that a malicious app will not exploit any security vulnerability of SuperSU as raptir mentioned.
Click to expand...
Click to collapse
Gotcha! Any new app will ask for root permission. You can deny them.
Yeah, I threw that part in about the potential for an app to circumvent the security just as a disclaimer. As far as I know it has never happened, and it may not even be possible.
I've granted su/root access to some apps but want to revoke that now (per app - not globally). Usually there's an option/list to manage this (CM11 and earlier) but i cannot find that in CM12. Anyone know how to revoke su individually for once granted apps? Please note this question is about the built-in Superuser not Chainfires SuperSU.
Isn't there any Superuser option in the settings?
There needs to be something.
Root access is managed in Settings-Privacy-Privacy Guard in cm 12.
Hope it helps.
Yep, thanks. They could at least have given an info on the popups for that.
Ive tried droidwall, android firewall, afwall+ and none of them are working. They say rules applied but apps are still able to acess the Internet. Anyone know of a working firewall app for 5.1.1? I don't really want to use xprivacy just to block some apps from connecti MG to the internet.
From yesterday onwards WhatsApp is asking root access? Is that any feature with root access or they trying to access my phone?
do you have detailed logging enabled? if you have, can you show what is it actually executing? @godwintgn it's really strange
I haven't given the permission to access. I will update the login details if it's ask again
Lol whats app dark side
Could be a fake app, use precaution
Try reinstalling app, install from play store.
Basically i let the app "disable all bloatware" and went along everyday life for a few months
Fast forward to now, i installed and want to use an app that requires root access. But it fails. i investiage and see that SuperSU is disabled in the Package app, i try to enable it but everytime i enable SUperSU( or any app) in Package disabler, it re-enables itself a few seconds later.
I have tried;
1) To click "Enable all Disabled" but it then freezes my phone.
2)Uninstall Package disabler app, but all things disabled are still disabled ever after the uninstall.
3)Using an older version(fails to get authentication)
4)Re-installing SuperSU via Playstore uninstall/install (now visible to click on but says it "root undetected"
After doing step 4, i can see that there is no tick to say it is disabled in package disabler anymore but i still cant grant anything root access like titanium
If Xposed (and any module associated to xposed)still works then i assume i am rooted and something else is at play here?
Any Ideas on whats going on or on how to fix?
So, uninstall PDP and use Titanium Backup.
Same thing but for root so you can actually uninstall anything you want as well as freeze it.
joe3681 said:
So, uninstall PDP and use Titanium Backup.
Same thing but for root so you can actually uninstall anything you want as well as freeze it.
Click to expand...
Click to collapse
Even Titanium is saying root access failed.
Im guessing something in PDP is blocking the root access grant message, even after uninstalling pdp, i still get root access errors.
Except for Xposed as that and Snappreffs(module) still works.
weho2 said:
Even Titanium is saying root access failed.
Im guessing something in PDP is blocking the root access grant message, even after uninstalling pdp, i still get root access errors.
Except for Xposed as that and Snappreffs(module) still works.
Click to expand...
Click to collapse
open supersu and change ("I forgot which 1") something about overlay and it should pop up asking for root access from apps again.
MrSteelX said:
open supersu and change ("I forgot which 1") something about overlay and it should pop up asking for root access from apps again.
Click to expand...
Click to collapse
A window pops up only leaving me 1 option of "How to Root" and i cant do anything else.
Is it possible to lose root but still be able to have access/use to Xposed/Xposed modules?
Also if i uninstall PDP. Apps that are blocked by PDP, are still blocked