8

I'm compiling an Android ROM from source, and I have one application that I want it to be pre-installed and have it run with root permission.

How can I grant root access to this specific application, without rooting entire ROM?

Charles Liu
  • 271
  • 1
  • 2
  • 7

1 Answers1

10

Hopefully you don't need root...

Typical stock Android ROMs provide root privileges to very few things, in line with the principle of least privilege. Instead, apps are granted the precise permissions they need.

Why exactly do you need this app to have root permissions? You should first look through the list of all the internal unpublished Android permissions to see if one of them does what you want. Since you're building a system app, you can even use signature permissions which are not normally available to other apps. You just need to ensure that your app is signed by the key with which you build the Android ROM - you can then distribute it with the ROM or separately, and it will still have access to the permissions you require.

The advantages of doing it this way are:

  • If your app is compromised or buggy, the effects are limited.
  • Your actual Java code has these permissions so there's no need to craft fiddly command lines.

So if you can possibly do your task this way, do.

But if you really do...

If you really do need root, then things get tricky.

You have three options. In order of preference:

  • Add a new system service.
  • Add some alternative setuid-root binary which does just what you need.
  • Modify the su binary to check exactly who is calling it.

If you really do need root, then I would add a new system service. This can run as root. You would then add suitable extra APIs so that your app can call into it - and the permissions can be signature-level so that only your system app can call it. This is the architecturally 'correct' way to do it in Android-land.

The second or third options involve creating some command-line tool which does what you want, but I don't know a secure way for such a tool to check who is calling it. It may be acceptable to allow any app to call this functionality. If so, a new setuid-root executable might be the way to go. However, as I say, I don't know a way to stop other apps running it.

Community
  • 1
  • 1
Adrian Taylor
  • 4,054
  • 2
  • 24
  • 26
  • 1
    wouldn't putting the app into the system/app path make it support root anyway? – android developer Apr 25 '13 at 17:15
  • 1
    Sadly not! It means it would be granted `signatureOrSystem` permissions if it asked for them. But it's just as easy to sign the app with the system key, which will also result in the granting of those permissions - plus `signature` permissions. – Adrian Taylor Apr 25 '13 at 17:18
  • so a system app cannot access other apps' data ? i guess it means that only system apps that also have root permission are really capable of doing everything. – android developer Apr 25 '13 at 19:20
  • That's right. System apps are no different from regular apps except that they are able to access APIs available via only `signatureOrSystem` permissions, plus the fact that they're signed by the ROM certificate so they can also access APIs made available by the system using `signature` capabilties. System _services_ on the other hand may well run as root - but in this sense a service is a little bit different from the sort of `Service` you can run inside an .apk. – Adrian Taylor Apr 25 '13 at 20:15
  • how do you sign with a special certificate? – android developer Apr 25 '13 at 20:54
  • Thanks Adrian! It seems that there isn't a simple solution. I guess I can create a new API in the framework to do exactly what I want, but I'm trying to utilize existing code as much as possible. I'll look into the modifying su binary option, though it sounds unsafe. Thanks again! – Charles Liu Apr 26 '13 at 01:11
  • Adrian i want to talk to you regarding the same thing asked here, i've updated my SU.C it compiled well but it is not giving root access to my app plz help. – Neji Sep 12 '13 at 06:25