Monday, 29 July 2013

Could CyanogenMod be looking to Remove the Need for Root Access?


cyanogenmod-10.1CyanogenMod, for all intents and purposes, is the oldest and most trusted ROM around for Android devices. It is compatible with hundreds of different devices and supports devices for years after the carriers and manufacturers stopped caring. Many of us, even on Nexus devices, use CyanogenMod because we simply love it. Although for a while I was using it on my Nexus 4 to get LTE working easier. But that’s changed with Android 4.3.
Most of the time when we want to root our device, it’s to flash a new ROM. But in some cases we just want to use an app that needs root access like Greenify. Today, Cyanogen (well Steve Kondik) himself went to Google+ and made a post titled “The Death of Root”. Could it be? Here’s what he had to say:
The Death of Root
Android 4.3 introduces some new and much needed security features which not only restrict setuid binaries on the system partition (su), but also limit the capabilities of processes. In the current architecture, even if you could get elevated privileges, you can’t do anything out of the ordinary. Root in the shell via ADB is all I use, and it still works just fine.
This isn’t a problem for me, since I use CM. When there is a situation that I’d need root, I just modify the system to accomodate what I’m trying to accomplish in a secure way. I can understand the desire to have full root on stock ROMs, since you’re severely limited in what you can do and there is no provision for making any sort of real changes or improving the architecture.
+Koushik Dutta and +Chainfire are working hard to permit root in some way on 4.3, but I feel that anything done at this point might severely compromise the security of the system and we should start considering better options.  Going forward, I’m interested in building framework extensions and APIs into CM to continue to abolish the root requirement.
A few good use cases for root are:
* Firewalls and network software, potentially requiring raw sockets.
* Managing the DNS resolver
* Tweaking various sysfs nodes to control the kernel
All of these can be done without exposing root, and they can be done in a very secure way.
If you’re using CM or another custom ROM, what do you actually use root for?
Aside from custom ROMs, root is often used for full system backups, and installing Google Wallet on a device that does not have it. Like the Galaxy S4 on Verizon, AT&T or T-Mobile. One of the first things I do to a new phone or tablet is root it, so I can use apps like Greenify for battery life and Helium for full backups. So could root be dead? Let us know what you think in the comments down below. We’d be very interested to see what you think.
On another note, the CM team is hard at work with the next version of CyanogenMod, CM 10.2 which is based off of Android 4.3. They began working on it last week and posted on Google+ a “general order (not a steadfast rule)” timeline which shows us which devices they work on first. To no surprise it’s Nexus, Qualcomm-based devices, then OMAP-based devices, Tegra 3-based devices and Exynos-based devices are last.

0 comments:

Post a Comment