November 22, 2024, 05:05:08 PM

collapse

Author Topic: Temporary root and security  (Read 2289 times)

Offline nexusNovice

  • Full Member
  • ***
  • Posts: 160
  • Popularity: 0
    • View Profile
Temporary root and security
« on: February 28, 2013, 07:34:28 AM »
I'm a newbie so please forgive me if what I ask makes no sense to the experts.

Rooting is done by experts but also by non experts who wish to use certain apps that require root to fully function. Titanium pro, Nandroid backup, Avast mobile security, and others come to mind. But it seems to me that on a mobile device running rooted can be a dangerous practice especially if the user is not an android expert.

In the windows world it is somewhat like the user running as administrator with full powers and no firewall while connected to the web. One of the safety moves in the otherwise insecure windows world is requiring a password to permit dangerous administrator actions or allowing some programs to "run as administrator" while limiting others. A sort of compromise between the risks of running as administrator and a limited user.

I am curious: does something like this exist in the android world? I mean running unrooted and protected, but allowing some apps to have root capabilities? Or is that nonsense?

Sent from my Nexus 7 using Tapatalk 2




Offline matt

  • Hero Member
  • *****
  • Posts: 936
  • Popularity: 28
    • View Profile
Re: Temporary root and security
« Reply #1 on: February 28, 2013, 09:08:13 AM »
I believe that superuser/supersu are the gatekeepers you are thinking of. When a program needs root access, a box will pop up asking your permission, unless you have it set wrong. So it's a firewall to root. The permissions you have granted are maintained in a white list accessed by opening superuser/supersu as an app.

Offline loociddreemr

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 708
  • Popularity: 25
  • OG Droid-Razr MAXX-Nexus 7
    • View Profile
Re: Temporary root and security
« Reply #2 on: February 28, 2013, 10:31:01 AM »
Some apps like ES File Explorer have multiple options for root privileges. Just having root does nothing until you make your selection in the settings. Without root you cannot make a selection, but the options limit the potential risks. You can allow the explorer to read up to root directory, write up to root, and finally, write to /system.

Sent From my Razr Maxx(stock .211, waiting for the MFN soak test) via Tapatalk 2

Offline nexusNovice

  • Full Member
  • ***
  • Posts: 160
  • Popularity: 0
    • View Profile
Re: Temporary root and security
« Reply #3 on: February 28, 2013, 10:43:48 AM »
Yes, root explorer does the same thing too. I'm not worried about them because I can control them.
I'm thinking about rogue apps doing bad things behind my back but I just realized that may not be a concern because superSU controls which apps get root control.
Now I realize I should think more about selective permission control.
Need to learn more.

Offline matt

  • Hero Member
  • *****
  • Posts: 936
  • Popularity: 28
    • View Profile
Re: Temporary root and security
« Reply #4 on: February 28, 2013, 03:38:33 PM »
I imagine that as well as the white list, or apps you have given permission to in supersu, a blacklist could be maintained and updated that consists of rogue apps that would never ever under any circumstances be given root access. However, as long as you get your programs from google play or amazon market, they will be accessed through those market servers and thoroughly scanned and tested for malware. The risk comes from sideloading from pirate sites. Or responding to phishy emails.

Offline nexusNovice

  • Full Member
  • ***
  • Posts: 160
  • Popularity: 0
    • View Profile
Re: Temporary root and security
« Reply #5 on: February 28, 2013, 08:46:35 PM »
Thanks.

Sent from my Nexus 7 using Tapatalk 2


 


* Top Boards

* 'Like' And 'Follow' Us!

* Top Posters

bjs229 bjs229
2682 Posts
S.Prime S.Prime
2017 Posts
Babyfacemagee Babyfacemagee
1263 Posts
matt matt
936 Posts
birdastrompgman birdastrompgman
840 Posts
loociddreemr loociddreemr
708 Posts
radiocycle radiocycle
653 Posts