Koushik Dutta, the brains behind ClockworkMod Recovery, has released a new superuser access app called ClockworkMod Superuser. The app, which is currently in beta, is open source, which is something that Koush feels was missing for Android. Since the superuser app is the gatekeeper for granting administrator access on a rooted Android device, it needs to be open source so that it can be subjected to independent security analysis. Of course, the app is free (and will always be free).
But that wasn’t the only reason he released the app. ClockworkMod Superuser handles multiple user accounts on Android 4.2 devices. This means that you can set root access to be restricted to only the owner (meaning your kids can’t run any apps needing root); or to a set of predefined users; or to everyone. There is full logging, which shows which apps requested root access, along with PIN protection and integration into the Android notification system. The app also supports tablets with an optimized user interface.
If you aren’t familiar with a superuser app, it works like this. On rooted devices, apps are allowed to ask for superuser permission, which means the app can do more than Google intended and can access parts of Android which are normally restricted. This has its advantages, especially when flashing custom ROMs or adding things like a firewall to Android. Of course, you don’t want every app to have so much power, as rogue apps could easily infect your device with malware. To stop this, a superuser app notifies the user when an app asks for root access and lets the user allow or deny the request. The choice to deny or allow can also be remembered indefinitely or just for the next few minutes. Since ClockworkMod Superuser is open source, this functionality can be independently verified, so that no backdoors can be left in unnoticed. Such a backdoor could automatically grant superuser access to certain apps without the user’s knowledge!
Koush is also pushing the use of a new Android permission called “ACCESS_SUPERUSER”. At the moment there is no standard permission to declare that an app needs root access. But Koush has a plan. ClockworkMod Superuser recognizes the new “ACCESS_SUPERUSER” permission and warns when an app asks for superuser access but hasn’t declared the permission in its manifest. Then, six months from now, an option will be enabled which will automatically deny apps which ask for root access but don’t have the new permission listed. However, at this point the check can optionally be disabled. A year from now, the option to disable this checking will be removed, and Koush hopes that this will force app developers to properly declare the fact that their app uses root. The advantage is that such permissions are listed in Google Play, meaning users can see which apps will try to use root privileges.
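The phased check described above can be sketched as follows. This is an added example, not code from ClockworkMod Superuser: it assumes a manifest already decoded to plain XML, assumes the fully qualified permission name `android.permission.ACCESS_SUPERUSER`, and the `Phase`, `declares_superuser` and `decide` names are hypothetical.

```python
import xml.etree.ElementTree as ET
from enum import Enum

ANDROID_NS = "http://schemas.android.com/apk/res/android"
# Assumption: the fully qualified name; the article only says "ACCESS_SUPERUSER".
SU_PERMISSION = "android.permission.ACCESS_SUPERUSER"

class Phase(Enum):
    WARN = 1           # now: warn, still prompt the user
    DENY_DEFAULT = 2   # in six months: deny, but the check can be switched off
    DENY_ENFORCED = 3  # in a year: deny, the check cannot be switched off

def declares_superuser(manifest_xml):
    """True if the decoded manifest has a <uses-permission> for root access."""
    root = ET.fromstring(manifest_xml)
    name_attr = "{%s}name" % ANDROID_NS
    return any(el.get(name_attr) == SU_PERMISSION
               for el in root.iter("uses-permission"))

def decide(manifest_xml, phase, check_disabled=False):
    """Return (action, warn): action is 'prompt' (ask the user) or 'deny'."""
    if declares_superuser(manifest_xml):
        return ("prompt", False)
    if phase is Phase.WARN:
        return ("prompt", True)
    if phase is Phase.DENY_DEFAULT and check_disabled:
        return ("prompt", True)
    return ("deny", True)

# Constructed sample manifests (package names are made up).
DECLARED = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.firewall">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.ACCESS_SUPERUSER"/>
</manifest>"""
UNDECLARED = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.flashlight">
  <uses-permission android:name="android.permission.CAMERA"/>
</manifest>"""

if __name__ == "__main__":
    for phase in Phase:
        print(phase.name, decide(DECLARED, phase), decide(UNDECLARED, phase))
```

An app that declares the permission is always passed on to the normal allow/deny prompt; only undeclared requests change behaviour across the three phases.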
At the moment, installation must be done via recovery, so to install ClockworkMod Superuser, get it from ROM Manager in the ClockworkMod section or manually install the following zip in recovery: http://download.clockworkmod.com/test/superuser-2.zip
Eventually there will be a standard APK available from Google Play.