The #1 Nexus 7 News, Discussion and Fan Site!

2012 Nexus 7 Discussion Forums (1st Generation) => Nexus 7 Root, Hacks, Mods And Development => Topic started by: nexusNovice on February 28, 2013, 07:34:28 AM

Title: Temporary root and security
Post by: nexusNovice on February 28, 2013, 07:34:28 AM
I'm a newbie so please forgive me if what I ask makes no sense to the experts.

Rooting is done by experts but also by non experts who wish to use certain apps that require root to fully function. Titanium pro, Nandroid backup, Avast mobile security, and others come to mind. But it seems to me that on a mobile device running rooted can be a dangerous practice especially if the user is not an android expert.

In the windows world it is somewhat like the user running as administrator with full powers and no firewall while connected to the web. One of the safety moves in the otherwise insecure windows world is requiring a password to permit dangerous administrator actions or allowing some programs to "run as administrator" while limiting others. A sort of compromise between the risks of running as administrator and a limited user.

I am curious: does something like this exist in the android world? I mean running unrooted and protected, but allowing some apps to have root capabilities? Or is that nonsense?

Sent from my Nexus 7 using Tapatalk 2

Title: Re: Temporary root and security
Post by: matt on February 28, 2013, 09:08:13 AM
I believe that superuser/supersu are the gatekeepers you are thinking of. When a program needs root access, a box will pop up asking your permission, unless you have it set wrong. So it's a firewall to root. The permissions you have granted are maintained in a white list accessed by opening superuser/supersu as an app.
Title: Re: Temporary root and security
Post by: loociddreemr on February 28, 2013, 10:31:01 AM
Some apps like ES File Explorer have multiple options for root privileges. Just having root does nothing until you make your selection in the settings. Without root you cannot make a selection, but the options limit the potential risks. You can allow the explorer to read up to root directory, write up to root, and finally, write to /system.

Sent From my Razr Maxx(stock .211, waiting for the MFN soak test) via Tapatalk 2
Title: Re: Temporary root and security
Post by: nexusNovice on February 28, 2013, 10:43:48 AM
Yes, root explorer does the same thing too. I'm not worried about them because I can control them.
I'm thinking about rogue apps doing bad things behind my back but I just realized that may not be a concern because superSU controls which apps get root control.
Now I realize I should think more about selective permission control.
Need to learn more.
Title: Re: Temporary root and security
Post by: matt on February 28, 2013, 03:38:33 PM
I imagine that as well as the white list, or apps you have given permission to in supersu, a blacklist could be maintained and updated that consists of rogue apps that would never ever under any circumstances be given root access. However, as long as you get your programs from google play or amazon market, they will be accessed through those market servers and thoroughly scanned and tested for malware. The risk comes from sideloading from pirate sites. Or responding to phishy emails.
Title: Re: Temporary root and security
Post by: nexusNovice on February 28, 2013, 08:46:35 PM
Thanks.

Sent from my Nexus 7 using Tapatalk 2