android Cyanogenmod disables root access by default

[+Frank B. Subscriber²]

Security and You

Many of you may not give it a second glance, but among all the furor and concern about permissions requested by market apps and privacy, all Custom ROMs (CyanogenMod included) ship with one major security risk ? root!

We have been struggling with how to handle this for quite a bit, and took a first step with the first public CyanogenMod 9 alpha builds, by disabling the previously-default root access over USB. You can still get adb root access by running ?adb root? in terminal, should you ever need it.

We recently merged 3 patches into CyanogenMod 9, to further address this: http://goo.gl/eCjDV http://goo.gl/oWAFI and http://goo.gl/34vai.

What follows is an explanation of the changes, how they affect you and our reasoning behind them.

What do the patches do?

They disable root selectively and in a configurable way. Users will be able to configure their exposure to root as:

• Disabled
  
• Enabled for ADB only
  
• Enabled for Apps only
  
• Enabled for both
  

How does this change affect the usage of your device, and root apps you have installed?

On a default CyanogenMod installation, root usage will have to be explicitly enabled by the user. This means that the user is fully aware that any application that uses root may perform actions that could compromise security, stability and data integrity. Once enabled, the process mirrors that of the current process, apps that request root will be flagged by the SuperUser.apk and the user will have to grant selective access.

Why the change?

At CyanogenMod, security has always been one of our primary concerns, however, we were hesitant to make a change that might disrupt the current root ecosystem. With CyanogenMod 9 we have the opportunity to do things better, whether its the code in the OS, UI/UX, or security ? we are taking this time to do things with a fresh approach.

Shipping root enabled by default to 1,000,000+ devices was a gaping hole. With these changes we believe we have reached a compromise that allows enthusiasts to keep using root if they so desire but also provide a good level of security to the majority of users.

What concerns remain?

Many of you reading this are savvy enough to note a remaining hole in this approach ? recovery and unlocked bootloaders. The bootloaders are out of our hands, there is little to nothing we can do on that front.

Regarding recovery ? with unlocked bootloaders, a malicious user could just flash a new recovery image (without any potential security we could apply) or just dump the data partition. This however, requires physical access to the device. As such, the security standards for this are highly reliant on you, the device owner. Data encryption is available in ICS to safeguard your data. (Warning for emmc only users ? encrypted /data means recovery will be non-functional.)

The onus is on you to secure your device; take care of your possessions, and this risk is minimal. Always make sure you take devices out of your car before you go into the mall and remove them from pockets before washing laundry. Common sense is a basic security tool.

But Why?

We honestly believe there are limited uses for root on CyanogenMod, and none that warrant shipping the OS defaulted to unsecured.

Source: Cyanogenmod blog via Engadget

[still1]

its a real good move... I tried it and it work like a charm...

[BeerFan]

Yep, it's a smart move. No reason to have root unless you really need it. And if you really need it, you can easily get it. I'm running the latest CM nightly build and love it!

[firey]

its a real good move... I tried it and it work like a charm...

Yep, it's a smart move. No reason to have root unless you really need it. And if you really need it, you can easily get it. I'm running the latest CM nightly build and love it!

I dunno.. I guess in a way it's smart, however it's an extra step required to enable root. I use programs like TIBU and SetCPU and quite a few others that require root. So having root enabled by default makes it a helluva lot easier to get up and running.

[(Spork)]

its a good move to many dumb ****s that root phones to be cool and scream and blame a rom when they brick there phone

[cybertimber2008]

its a good move to many dumb ****s that root phones to be cool and scream and blame a rom when they brick there phone

But... if you are running cyanogenmod they've already rooted their phone and successfully flashed a rom! Disabiling root by default on a aftermarket ROM won't stop, as you say, dumb ****s that root phones to be cool and... brick....phone".

[still1]

its a good move to many dumb ****s that root phones to be cool and scream and blame a rom when they brick there phone

Dont many any sense at all...

[LittleNeutrino Veteran]

So far as my own opinion I think this is a great Idea, it opens up the concept of the Custom rom scene without pushing folks to a less secure rom that people that are starting out might not understand how to use properly.

[techbeck]

its a good move to many dumb ****s that root phones to be cool and scream and blame a rom when they brick there phone

Bricking is becoming a thing of the past. Yea, when Androids first came out people bricked their phones all the time. Now you can easily fix this issue and the method of rooting is becoming more and more dumb ****s proof.