With the latest Android 5.0 now out of the bag, many are quite eager to have a taste on their device. One subset of the Android community that might not be excited to have a taste of Lollipop are power users who live and thrive with rooted smartphones and tablets. The reason is that in the attempt to make the Android platform more secure, Android developers may have, unintentionally or not, left root devs and users out in the cold, an issue that SuperSU developer Chainfire tries to explain in more detail.
The situation with rooting in Android isn’t clear cut. It is natural and laudable that Android developers strive to make the mobile platform as secure as possible, plugging up holes in the process. But it is also understandable that some users would want functionality and access that Google isn’t willing to hand over, despite the platform’s Linux and open source roots. Rooting is the solution for this but achieving root on a device is practically the same as exploiting security holes in the system, holes that are getting fewer and fewer as Android’s security is gradually improved.
Developers such as Chainfire who have been monitoring the progress of Android 5.0 Lollipop, at least its incarnation in the AOSP source code, have been quite aware of the changes that will step on the rooting territory and practically break things. The good news is that Chainfire is optimistic that rooting will still be possible in Android Lollipop, but it is getting to be quite more difficult to do so. And in some cases, it might become even more of a super power user activity even more than it is today, cutting off a lot of potential new root users. As proof, Chainfire has released two quick band aid fixes for the Nexus 5 and Nexus 7 running on the latest LPX13D developer preview. This would unbreak root on those devices, but the installation method is different, using fastboot images instead of the usual CWM/TWRP recovery images.
The future of rooting on Android 5.0 isn’t something set in stone yet and it depends on how much of the security changes, particularly in SELinux, will make it to the final version of Lollipop, which has still to be released to the public, probably by November. In addition to that, Chainfire also has his own personal vision for rooting on Android. Unlike what some would presume, the developer doesn’t advocate throwing out the baby with the water in terms of security. While there is currently no way to get root without exploiting security holes, he also doesn’t advise turning off all other security features, like turning all of SELinux into permissive mode. He wants to use just enough permissions as necessary without going overboard, quite a balancing feat and definitely a noble goal. Hopefully Google will appreciate the gesture enough to meet root developers half way and help find a compromise that will benefit everyone in the Android community.