brunoais 334 Posted February 13, 2020 Share Posted February 13, 2020 Are we able to choose the root password for our phones, for the default installation you provide? In my case, I want to install something like sudo and then remove root password just like I do in my PC. Quote Link to post Share on other sites
Craig 1,435 Posted February 13, 2020 Share Posted February 13, 2020 The phone is shipped with Android with Google GMS. There is a method to get root, but its similar to other Android devices, and you'll end up with an 'su' binary that doesn't require a password. Maybe you intend to run Sailfish, in which case you can select your root password in settings menu, and use devel-su in place of sudo for root stuff. 1 Quote Link to post Share on other sites
brunoais 334 Posted February 14, 2020 Author Share Posted February 14, 2020 11 hours ago, Craig said: Maybe you intend to run Sailfish Maybe. I never used Sailfish and I didn't check it out enough. I just want to be able to have access to some hardware controls (files in "/sys" and whatnot) and I also want to be able to use some apps in android confined environment (including google play) and others which I trust with root access but requiring reauth to run (phone unlocked not enough). Those are the reasons why I asked for such. Does Sailfish provide that? Quote Link to post Share on other sites
Craig 1,435 Posted February 14, 2020 Share Posted February 14, 2020 No. Quote Link to post Share on other sites
VaZso 1,998 Posted February 15, 2020 Share Posted February 15, 2020 On 2/13/2020 at 10:34 PM, Craig said: and you'll end up with an 'su' binary that doesn't require a password. Is it serious? Why? That case I understand why people don't like rooting methods... Is there a correct method which gives root access but not for every apps and not for everybody who has access the phone? I really hate Android handles all of its users as an idiot not giving access to their phone for them but I don't like to be treated as an idiot - and that is why I hate Android. Quote Link to post Share on other sites
Craig 1,435 Posted February 15, 2020 Share Posted February 15, 2020 It doesn't give permission to all apps. If an app requests root access, you get a popup wether to give it now, always, or never. su is the same way, first time you run it you'll get that popup. To prevent others from using phone, you can use lockscreen passwords or pincodes or fingerprints, that's all built in, if you skipped it all during initial setup (like me) you can activate it later if you want it. 1 Quote Link to post Share on other sites
VaZso 1,998 Posted February 15, 2020 Share Posted February 15, 2020 43 minutes ago, Craig said: It doesn't give permission to all apps. If an app requests root access, you get a popup wether to give it now, always, or never. su is the same way, first time you run it you'll get that popup. To prevent others from using phone, you can use lockscreen passwords or pincodes or fingerprints, that's all built in, if you skipped it all during initial setup (like me) you can activate it later if you want it. ...but if I understand well, I would not have an option to enter a password for root every time. I mean root should not be used automatically in any case... if necessary, some permissions may be granted, but not a general access. If (and when) root access is really needed, one should authorize. ...and not allowing root access (in general) like Android's official behaviour is the opposite side of the horse which is also a really bad restriction. Ps: (falling to the) opposite side of the horse is a Hungarian phrase which I don't know if it is a local phrase or something came from another country... So to go to the other extreme but I will leave it there. 🙂 3 Quote Link to post Share on other sites
Polaris 423 Posted February 16, 2020 Share Posted February 16, 2020 3 hours ago, VaZso said: I mean root should not be used automatically in any case... if necessary, some permissions may be granted, but not a general access. If (and when) root access is really needed, one should authorize. ...and not allowing root access (in general) like Android's official behaviour is the opposite side of the horse which is also a really bad restriction. Yet another reason to use LineageOS! You'll have a slider (at least in v.16) that allows you to turn it on and off. There is also an option to select root access for ADB only, apps only, or both ADB and apps. It's a great setup. 2 Quote Link to post Share on other sites
Craig 1,435 Posted February 16, 2020 Share Posted February 16, 2020 (edited) Polaris, root doesn't behave differently under Lineage or stock Android. They're both Android, just lineage is closer to AOSP. But root behaviour is exactly the same. The slider you refer to, it's a toggle allow root access, and comes up for every app that wants root, stock or lineage. There's no significant difference in behavior of stock Android or lineage Android in regards to root. And if I recall right, you actually get three choices as mentioned earlier. Although I guess that's the popup, in settings its either yes or no, cant do the one-time permission that way. edit: okok I guess there's one difference; I think lineage includes root adb shell; and i dont think stock does. (I could be wrong on this btw). But that only really matters before one applies lineage/magisk/supersu root anyway. The adb shell root allows you to play with stuff yourself. Actual root allows you to run apps that require root, to use su cli on device, etc. Please correct me if I'm wrong. I think i'm right, but learning as i go along. I've always just had full root (stock/cm/los PQ, stock Z²F) and never considered use of this adb shell root. And love to be proven wrong. And love to argue when I think I'm right. Edited February 16, 2020 by Craig Quote Link to post Share on other sites
Polaris 423 Posted February 16, 2020 Share Posted February 16, 2020 1 hour ago, Craig said: Polaris, root doesn't behave differently under Lineage or stock Android. They're both Android, just lineage is closer to AOSP. But root behaviour is exactly the same. The slider you refer to, it's a toggle allow root access, and comes up for every app that wants root, stock or lineage. There's no significant difference in behavior of stock Android or lineage Android in regards to root. And if I recall right, you actually get three choices as mentioned earlier. Although I guess that's the popup, in settings its either yes or no, cant do the one-time permission that way. edit: okok I guess there's one difference; I think lineage includes root adb shell; and i dont think stock does. (I could be wrong on this btw). But that only really matters before one applies lineage/magisk/supersu root anyway. The adb shell root allows you to play with stuff yourself. Actual root allows you to run apps that require root, to use su cli on device, etc. Please correct me if I'm wrong. I think i'm right, but learning as i go along. I've always just had full root (stock/cm/los PQ, stock Z²F) and never considered use of this adb shell root. And love to be proven wrong. And love to argue when I think I'm right. I agree with everything you said. I took him to mean that he doesn't want to grant access to an app and then have it indiscriminately be able to access as root at will. If you assign the root permission, but then toggle root off, or switch to ADB only, the apps won't have access until it's toggled back, no? Quote Link to post Share on other sites
VaZso 1,998 Posted February 16, 2020 Share Posted February 16, 2020 5 hours ago, Polaris said: I agree with everything you said. I took him to mean that he doesn't want to grant access to an app and then have it indiscriminately be able to access as root at will. If you assign the root permission, but then toggle root off, or switch to ADB only, the apps won't have access until it's toggled back, no? It remembers me the Windows method where initially they didn't even use permissions, then (by NT) they built up a proper permission system but practically nobody used it in a proper way so they started to restrict root (Administrator) permission and started using popups. Linux also has a proper permission system but it seems Android goes the wrong way by restricting user (giving no root) but the hacked root has no proper permissions. ...this is the worst possible scenario in the means of security I think... 2 Quote Link to post Share on other sites
silversolver 849 Posted February 17, 2020 Share Posted February 17, 2020 OK, there's a lot of confusion here. I believe what @Polaris was describing is the slider in settings on LOS that turns on the root binaries in general. I believe it's under developer options. It's been a long time since I turned it on. If it's off, nothing can even request root. If it's on, any app that needs root still has to request it, a la Windows with its UAC popup, and I believe it's a simple allow or deny with a checkbox to remember your answer, unchecked by default. @VaZso is right to be worried about universal root access, but this is never the case in Android; they thought through the security implications of that. @Craig is mostly correct, except that he forgot the developer root slider. 2 Quote Link to post Share on other sites
david 929 Posted February 18, 2020 Share Posted February 18, 2020 If you are rooting with Magisk, the first time an app requests superuser access, a dialog will pop up: It defaults to "Forever", but you can tap on that and only have it be active until the app is shut down (Once), or you can limit it based on those time limits in the dropdown list. If you set it to Forever and want to change that later, you can go into Magisk Manager and remove the app. The next time you run the app and it wants superuser access, it will pop-up the dialog again. If you want it to ask you ever time you launch the app, then you can pick Once. 3 Quote Link to post Share on other sites
daniel.schaaaf 177 Posted February 18, 2020 Share Posted February 18, 2020 On 2/16/2020 at 1:35 PM, VaZso said: Android goes the wrong way by restricting user (giving no root) but the hacked root has no proper permissions. You might want to read about SELinux 😉 As others pointed out, you may grant root only once, or just for a few minutes. Although I don't quite get the point of restricting root like that. Trusted apps get permanent root on my phones. Untrusted apps never ever get root, not even once. Getting root one time is enough for a malicious app to compromise your system (privilege escalation) ... Quote Link to post Share on other sites
EskeRahn 5,464 Posted February 18, 2020 Share Posted February 18, 2020 1 hour ago, daniel.schaaaf said: You might want to read about SELinux 😉 As others pointed out, you may grant root only once, or just for a few minutes. Although I don't quite get the point of restricting root like that. Trusted apps get permanent root on my phones. Untrusted apps never ever get root, not even once. Getting root one time is enough for a malicious app to compromise your system (privilege escalation) ... Well an app that is trusted today might not be trusted tomorrow, especially after updates.... In principle it is always a good idea to work with minimal privileges needed. So if an app does not need it all the time, but only under special circumstances, it make perfect sense to only let it have the big hat for that specific task. It is REALLY hard for the ordinary users to keep 100% track of their apps, especially if updated. The benign app might be sold to another company that proves to be crooks, by the time you spot it in the news, it might be too late. 1 Quote Link to post Share on other sites
daniel.schaaaf 177 Posted February 19, 2020 Share Posted February 19, 2020 (edited) On 2/18/2020 at 5:28 PM, EskeRahn said: Well an app that is trusted today might not be trusted tomorrow, especially after updates.... In principle it is always a good idea to work with minimal privileges needed. You have a good point here. The apps that get permanent root on my phone are apps that I use daily. Thankfully, Magisk has an option to revoke root privileges automatically when an app gets updated. Edit: Was I wrong about Magisk revoking root after an app update? I can't find a corresponding setting in the Magisk Manager. Did I mistake Magisk SU with SuperSU? Was I blinded by wishful thinking? Edited February 20, 2020 by daniel.schaaaf 3 Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.