Chainfire: Next Android version could bring new troubles for root apps

May 19, 2014
35
340

superuser

Back in January, Chainfire warned us that the next version of Android could potentially bring changes that could break some of our favorite root apps, due to the fact that Android will reportedly no longer allow the extraction of files to directories located on the /data partition.

The idea isn’t to prevent the use of rooted apps necessarily, but instead is reportedly aimed at making Android more secure. While an annoyance, at the time Chainfire also made several suggestions on how apps could be modified to get around some of these potential hurdles. Workarounds included extracting the code and running it from RAM or rootfs, piping commands directly to SU and the list goes on.

The idea isn't to prevent the use of rooted apps necessarily, but instead is reportedly aimed at making Android more secure

It’s only a matter of time before another Android update arrives (4.4.3, 4.5 or whatever really), so Chainfire took to Google+ today to review the situation to see where we are at. As it turns out, there’s actually a few more changes heading our way then originally believed — all of which could make rooting even more difficult.

In addition to the above-mentioned change, reviewing AOSP also turned up changes to SELinux that make it much more secure and makes context switching a bit more complicated. Basically, the old ways of executing processes as a root user will no longer work, though Chainfire has updated his root guide to show developers additional methods for getting around this.

Furthermore, Chainfire says that the Android runtime is now the default setting in AOSP, though it remains unseen if this will carry over to production firmwares. While the presence of ART is largely a good thing and means a faster Android experience, it also could mean that when apps running ART try to call Java-based code like “am” and “pm” in a different context, the combination of “SELinux restrictions and the immaturity of ART” could cause crashes that take down the entire system. Of course, even if ART is default, those who use root apps can always switch back to Dalvik under the ART-related problems are fully addressed.

Of lesser issue for most root apps these days, Chainfire also says that PIE (Position-Independent Executable) is now a requirement on non-statically build executables.

Harder, but not impossible

All of these changes combined will make rooting a bit more difficult and will require a great deal of existing rooted apps to be updated, but it’s far from the end of rooting as we know it. Ultimately the changes being made by Google might seem frustrating, but it’s important to remember Google’s goal with the changes is to shake its reputation of being less secure than other OSes and isn’t necessarily an indication that Google is trying to muck up the Android community and rooting scene.

Rooting will still continue on strong, as the Android community has proven that no obstacle is too big if you have the willpower to overcome it. On that note, Chainfire has also revealed that the latest version of SuperSU (which supports newest AOSP builds) is ready to go, even if it’s not yet been formally released.

It’s also important to remember that even if these changes are being made to AOSP, it doesn’t necessarily mean they’ll show up in final versions of Android anytime soon — though we wouldn’t be too surprised if they do. What do you think of this changes: positive for the direction of Android or cause for concern?

Comments