What is root – Gary explains

by: Gary SimsMarch 22, 2016

You may have heard of the term “rooting your phone” and you may have seen that some apps on the Google Play Store require “root” access to work. But what is root? What is “rooting” your phone and why would you do it? Let’s find out!

The majority of operating systems including Windows, OS X and Linux have the concept of system privileges where processes, and therefore users, run at different privilege levels which determine what the process is allowed or prohibited from doing. On some OSes this scale of system privileges is fine grained with a range of privileges from the lowest to the highest. On Unix-like operating systems the difference between an unprivileged user and a privileged user is more black and white. A process or user is either unprivileged, or privileged, with no ambiguity in between. A privileged user on Linux is known as a superuser or root.

There are certain things that root can do that normal users can't do.

There are certain things that root can do that normal users can’t do. The most important of which is that root can access any file, anywhere on the system. A normal user is limited to accessing their own files and files within their assigned groups. This is quite sensible, on a multi-user server, your files are yours and you don’t want others snooping around. It also means that normal users can’t go around altering system files. If they could then there would be havoc.


As you can imagine the fact that root access exists doesn’t mean that it is granted automatically to every user or process. To gain root privileges a process or user must ask for it. On Linux this is handled in one of two ways, either with the su command or the sudo command. The first one means substitute user and it basically allows a process to substitute its current user id for that of root and gain the privileges associated with being root. The second is similar but applies to just one command, “do with a substitute user” or basically “do as root.”

On systems which use su you need to know the password for the root account, so basically root access is off limits to those who don’t know the password. With sudo things are a little different and depending on how the system is setup, you need to be an authorized sudoer and/or you need to authenticate with a password. So su and sudo ensure that there is an authentication step needed, so that only those allowed to have root access actually gain it.

Root access


Now let’s apply that theory to Android. Our favorite mobile OS runs on top of a Linux kernel. That means that there are normal processes and there are root processes. It also means that normal apps can’t go around altering the system files or snoop around in the data of other apps.

But on Linux (and other Unix-like operating systems) when a process or user gains root access, they can do everything including altering system files and reading everyone’s data. The same is true on Android, an app that can gain root access can alter the system and it can see all the data belonging to other apps. As you can imagine this could be equally a benefit and a security nightmare.

It is a benefit as it means that app developers can create apps which perform privileged operations, actions that would normally be prohibited. One of the most popular root apps is Titanium Backup root which allows you to backup your apps including all protected and system apps, something it wouldn’t be able to do without root access.

However, Google has invested a lot of effort in making sure that Android is as secure as possible. Like all operating systems (including iOS) there are bugs which can be exploited (and we will talk more about that in a moment). But the downside of having root access available on your device is that any app can seek to gain root privileges and if it succeeds then it can do anything it wants, including stealing all your private data.

This isn’t as hard as you might think. I could write a free little game that looks harmless enough and on non-rooted devices it will remain harmless. But the moment it sees that root access is available it will try and convince the user to grant it root privileges. It could try in a variety of ways including lying about downloading updates, improving speed or memory usage, needing root access to upload the scores and so on. The moment an unwary user grants it root access then BAM! Everything is exposed. That is why it is best to keep this door firmly shut.

How to get root access


As you have probably guessed root access isn’t available on the majority of retail Android phones. The occasional device from China might come with root access enabled but overall it isn’t something you can expect to find by default. There are several different ways to get root access on your phone, and it really depends on which phone you have. Some phones can be rooted just by replacing the boot loader and then adding some special su files, while others need to use an exploit. A third method is to install a custom ROM like Cyanogenmod, which has root access pre-baked into the software. Which method is best for you really does depend on your device.

I mentioned earlier that all operating systems have bugs, in security circles bugs which could potentially allow for security breaches are called vulnerabilities, and an actual piece of code which uses a vulnerability is called an exploit. For some phones to be rooted a vulnerability needs to be exploited. What basically happens is that due to a bug some code can be crafted to run at an elevated privileged (i.e. root) and using root the relevant su files can be copied onto the phone to grant permanent root access, without having to constantly exploit the vulnerability. These rooting methods often only work for certain firmware versions as whenever Google or Samsung or whoever find out about these vulnerabilities they are patched and the code fixed.


To recap – root is the most powerful user in the Linux world. Root can do anything include changing the system files. Android uses a Linux kernel and so the concept of root exists on Android devices. A phone is considered “rooted” when normal apps have the ability to raise their privilege levels to that of root. Although root access has its advantages, in that root apps can do more than “normal” apps, it does present a security risk.

  • Vivek

    Hello sir ,I have a question that how can we write a simple android app and is android SDK the tool to write it??

    • We have lots of articles and tutorials on this site about that very topic, some written by me. They aren’t hard to find.

  • Hanson Eze

    Hmmm… Like I ll stay not rooted…

  • Hanson Eze

    Am still wondering what type of access does this place on my attachment give to apps that ask for it to be ticked.. Any idea anyone?

  • Why doesn’t Google employ a backup system like Titanium and TWRP natively? I mean then rooting would pretty much be obsolete!

  • Kunal Narang

    Thanks, Gary, but you didn’t talk about the huge benefits of rooting a device!

  • Nakhul Dinesan.o

    hi Gary,i have root access in my phone and also i have flashed a custom kernel ,now from playstore i have downloaded kernel auditor and tweaked the cpu and i/o sceduler ,doing this my phone is acting strange,,is it because of rooting ??

    • Mike

      Its because you tweaked cpu and io scheduler, root does not change your phones behaviour on its own.

      • Nakhul Dinesan.o

        I have over clocked the CPU using kernel auditor in order for it to perform well..instead it is opposite.Could u please tell me why this has happend

        • Mike

          What kind of IO scheduler do you use now? The IO schedule change the way the phone works.

          Phone is most likely acting strange becuase of that, I have experienced it myself.

          Overclocking just makes it thinks it has more power when going full throttle and if overclocking and simple overclocking is the problem, then phone reboots.

          Have you downloaded any app lately that requires suspicious access for that app? Like a camera app wants full access to system (by default, not a prompt from any SU program), that could also the be the reason.

          Try to swap back to initial cpu speed and original IO scheduler and
          any other changes if you made any and see if the problem persists.

          • Nakhul Dinesan.o

            I’m using Io scheduler as bfq and CPU governed as interactive..I’m experiencing reboots after a heavy usage at a specific temp..is this because of overclocking ..could u please suggest a gud scheduler that can improve ui experience

  • Abhishek Kataria

    Gary what if I give root access to an application on android marshmallow and restrict its access to any other information like my contact or gallery will it be help full in protecting my content please reply
    Thank you

  • kent

    what us kernal and flashing, i encounter this term in rooting my device. can you explain?
    btw, nice video, thx informative explaination

  • Bukhosi Bhebhe

    Gary, can you suggest a way to root my galaxy tab 4. I’ve tried on my own failed. Thanks in advance

  • Choda Boy

    These days I only use root for the following:

    1. Titanium Backup – When Android implements a real full control, full backup, I will use it. Until then, I need Titanium Backup.
    2. Mounting folders from External Storage to Internal Storage to allow apps that do not natively support external storage to work without consuming the precious internal storage.
    3. Xposed – I doubt Android will ever offer this much freedom to modify the framework, so a system like Xposed may be needed for certain customizations. However, the more Android implements the customizations that I need, the less I need Xposed.

    Currently, I am running stock, unrooted and it isn’t so bad.

  • Jack The Ripper

    I use root for hacking games lol and free IAPs ;) Plus it allowed me to intall one of my fav game hackers…..Cheat Engine

  • Ethan Campbell

    I got Jamais Vous. What is Do?