The announcement of Android 4.3 last month may have disappointed some people in terms of lacking the usual fireworks, but there was a change that caught some developers by surprise: the inclusion of SELinux as Android’s security system. This seemingly small change has caused many an Android geek to worry not exactly about security but about the ability to gain privileged access in the future. The summary of it is that we’ll still be getting root, but getting there will be different.

SELinux is a security system that goes beyond the simple “normal user vs. root user” of a Linux-based system. It offers fine grained control on who can do what. In previous Android versions, a process can simply be launched as root and it will have power to do anything. With the new system, you can still launch a process as root, but it will practically be able to do nothing except what SELinux allows it to do and nothing more.

Two possible ways are currently being investigated to get around this. The first is simple but also tedious. It involves connecting the device to a computer and using the command line to run commands as root using adb, the Android Debug Bridge. This has worked before for developers and will continue to work in the future. But it’s also inconvenient, as you need to always be connected to a computer. Not to mention always having to type commands for every task.

The second way resembles the normal root access but is also the most debated method. This way requires use of a su (super user) daemon, a process that is started up when the Android is started, sits quietly in the background while waiting for it to be called, does its job and then goes back to sitting in the dark. Sounds convenient, right?

The problem is that, as mentioned, the su daemon needs to run when Android is started. And to do this, you need a modified boot image, and there lies the problem. A modified boot image can only be acquired by flashing a custom firmware, something like CyanogenMod. This poses a potential problem for users of “Stock” Android systems, who currently use nothing more than a rooting app.

CyanogenModLogo

It is still not clear whether Google, who is definitely aware of the strong rooting culture in the Android community, is planning to do anything to improve the situation. But as things stand and for the future, gaining root access might require flashing custom firmware.

SOURCE: Android Central

7 COMMENTS

  1. Don’t you already need a custom boot loader to be able to root? Rooting isn’t as simple as downloading the SuperSU app from the Play Store.

    And for those who want to run stock android, it would be very easy for the community to take the AOSP ROM and publish it with the only modification of the included SU daemon, wouldn’t it?

    • for the first question, not all phones need the bootloader unlocked to be rooted. the one x would run rooted with locked bootloader, just no custom recovery or nothing…

      second question, it could be done, but some users are too scared to even flash a rom, hence the love for only rooting and running stock rooted…

    • Rooting, as far as I know, does not requiring flashing (replacing) the bootloader. There are many utilities now that offer “one click” rooting of phones. Of course it’s not an app you install on your phone but something you run on the computer. From what I’ve learned, the most that it flashes is the recovery and cache partitions to be able to install the necessary root binaries. The recovery partition is actually restored to stock.

      The “stock” ROM being mentioned by the source isn’t the vanilla Android that Google releases. It’s the customized Android ROMs distributed by OEM, like Samsung’s TouchWiz-based ROM. I believe those are harder to simply take and modify the same way that CyanogenMod takes AOSP and modifies it.

  2. Yeah I used to be one of those stock aosp root users. Until I got the courage to actually backup the stock ROM with clockworkmod’s recovery app and then just installed CM 10.1.1. Was SOOOOO easy!! I wish I’d have gone pacman. Oh well…another day…just a note…used the motochopper windows .exe programme to get root on both my atrix HD and my nexus 4….and nexus 7! Until Google pushed that damn 4.3! My 7 is now stock again and I can’t back it up w/o root. I know…I should have done it immediately after gaining root. Funny thing is I got root in the morning and by afternoon it was gone.
    🙁

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.