A set of commits have recently been pushed to the Android Open Source Project that seeks to harden the platform against malicious attacks. But while the intention is definitely good, this new feature could very well spell disaster for the dozens of root apps out there.
These code changes were pointed out to Chainfire, developer of one of the most popular root access management apps available, SuperSU. After realizing the far-reaching implications of this new feature, he took to Google+ to call attention to it in the hopes of alerting other root app developers and hopefully even Google’s developers as well.
The security feature uses SELinux, which was introduced in Android 4.3, to prohibit files under the /data partition with the unconfirmed domain tag from being executed. This block was put in place to prevent rogue apps from getting unauthorized access. Unfortunately, that security hole, if one can call it that, is the very same mechanism used by root apps to work. Thus, if that new feature makes its way to the next Android version unchanged, a good number of, but not all, root apps will no longer work out of the box.
The situation isn’t totally hopeless but definitely needs to be addressed as soon as possible. There are possible workarounds possible, but there isn’t any solution that would work for all root apps. It is also possible for Android developers to find a better way of protecting the platform without removing the possibility of running root apps on Android in the future.