I just discovered a new permission request "Android System" UID System User 1000 in SuperSU .
I can't explain where this comes from.
So I did the following:
1.) Factory Wipe
2.) ODIN and simply flashed the Stock ROM with 1 file ROM in PDA slot
One thing I didn't do was Format the System Partition
But the next time I install SuperSU the permission request appears again.
So I want to know, does ODIN flash and Factory Wipe, truly wipe everything?
You didn't wipe everything. You didn't wipe the system partition where the su request came from.
Thanks, I thought the TAR.MD5 Odin ROMs clear out everything in the system partition before writing.
Weird, even after going into Touch CWM and doing the following:
1.) Factory Wipe
2.) Clear Cache
3.) Clear Davlik Cache
4.) Mounts and Storage > Format /System
5.) Reboot to Bootloader
6.) Loaded ROM via ODIN N8010XXUCMK2 http://www.android-hilfe.de/origina...jellybean-4-1-2-20-11-2013-a.html#post6823310
7.) Loaded Touch CWM
8.) Installed SuperSU zip
Upon the second restart, it again requests for root from Android System UID User 1000
Huh.. strange. You wiped everything this time so that's weird. I've never seen a su request from Android System (the android system has root as default, as an OS should have). I'll dig a little and i'll be back soon.
UPDATE: I think i cracked the case. It's Xposed that does this on Samsung devices. If you do not use Xposed, it could be SuperSU. Be sure to have the latest version installed.
If you are referring to this:
Current Superuser/SuperSU releases have security holes that allow any application to execute commands as root without the user's permission (even apps with no permissions). Please upgrade immediately to SuperSU >= v1.69 or another patched release.
Click to expand...
Click to collapse
The device is on one of the latest SuperSUs 1.80 and then updated to 1.85, and never on SuperSU =< v1.69
Regarding the System User Request, Is below what you are referring to?
cernekee said:
On a rooted Android <= 4.2.x device, /system/xbin/su is a setuid root binary which performs a number of privilege checks in order to determine whether the operation requested by the caller should be allowed. If any of these checks fail, the denial is recorded by broadcasting an intent to the Superuser app through the Android Activity Manager binary, /system/bin/am. /system/bin/am is invoked as root, and user-supplied arguments to the "su" command can be included on the "am" command line.
On a rooted Android >= 4.3 device, due to changes in Android's security model, /system/xbin/su functions as an unprivileged client which connects to a "su daemon" started early in the boot process. The client passes the request over a UNIX socket, and the daemon reads the caller's credentials using SO_PEERCRED. As described above, /system/bin/am is called (now from the daemon) to communicate with the app that implements the user interface
Click to expand...
Click to collapse
If I understand this properly, it's saying SuperSU accesses some functions as the System User 1000 on Android devices previous to OS version 4.3
On Android 4.3 and newer, SuperSU access those same functions without using System User 1000.
This would explain why this permission request does not appear on my Android 4.3 device, but it does on my Android 4.1.2 device.
Is this the correct understanding?
klau1 said:
If I understand this properly, it's saying SuperSU accesses some functions as the System User 1000 on Android devices previous to OS version 4.3
Click to expand...
Click to collapse
Internally, Superuser/SuperSU can switch UIDs to execute different subprocesses with different user credentials. But these do not generate requests that you would see on the screen.
To track down the source of the request, can you run these commands from a PC while the SuperSU dialog for "Android System" is on the screen, then paste the results?
Code:
adb shell busybox ps -Tl
adb shell ps
Here it is:
Attached
The command output of "adb shell ps" is also inside, just search for "adb shell ps" in an txt editor to jump to it.
Although, I'm a noob I will try to help. If I mind correctly , If you go supersu > setting is a checkbox that says something about "system processes" or similar, make sure that is unchecked. You could also try emailing to the developer of supersu, your rom and kernel
Sent from my Xperia Mini using XDA Premium 4 mobile app
I know that, but just indiscriminately "trusting" the user doesn't make it safer. Just like keeping your doors open so you won't hear anyone break in doesn't stop the actual breakin from happening.
And it's also a stock ROM from: http://www.android-hilfe.de/origina...jellybean-4-1-2-20-11-2013-a.html#post6823310
Is it possible these Stock ROM uploads are infected with malware?
Related
hi. i can't believe i'm the first person to ask this but i've searched as best i can through these forums, and on google, and cannot find a definitive answer. there are lots of pages giving high level descriptions of rooting a phone like "gives admin access", "allows access to the root filesystem", etc. but, when you root a phone, what actually happens ? does it simply make the "su" binary available so that apps can call it to access the root user ? eg. i've got a samsung galaxy s2, if i install an insecure kernel, then add su to /system/xbin, and then reinstall a stock kernel, is that technically a rooted phone ? this is actually what i did on my phone, although i installed superuser and busybox from the market after adding su. i am aware that there are various threads in the sgs2 forums on how to root, i'm just using my phone as an example, i'm just trying to understand generically what is meant when someone says a phone has been rooted. cheers.
Full control over your system
Ability to alter system files. You can replace many parts of the "Android Core" with this including:
Themes
Core apps (maps, calendar, clock etc)
Recovery image
Bootloader
Toolbox (linux binary that lets you execute simple linux commands like "ls") can be replaced with Busybox (slightly better option)
Boot images
Add linux binaries
Run special apps that need more control over the system
SuperUser (lets you approve or deny the use of root access to any program)
Task Manager For Root (Lets you kill apps that you otherwise could not kill)
Tether apps (like the one found at [android-wifi-tether.googlecode.com])
<there are more but I cannot think of any right now>
Backup your system
You can make a folder on your sdcard and backup all of your .apk files to your sdcard (helps if an author decides to "upgrade" you to a version that requires you to pay to use the version you just had)
Relocate your (browser/maps/market) cache to your /sdcard
Relocate your installed applications to your /sdcard
Reboot your phone from the terminal app easily (su <enter> reboot <enter>)
Copied and pasted from google... it is your friend.
thanks for the response however, i'm trying to understand what actually changes on the phone when you root it, rather than simply the benefits of rooting a phone.
Carrot Cruncher said:
thanks for the response however, i'm trying to understand what actually changes on the phone when you root it, rather than simply the benefits of rooting a phone.
Click to expand...
Click to collapse
Unrooted phone is like logging on as user in a computer. By rooting you have "administrative" rights, just like using sudo command in Ubuntu. Some binaries which are important in gaining administrative rights are installed in the phone.
sent from my nokia 3210
If you come from Windows, you're familiar with the Administrator account. A user that can do everything on the system, as opposed to other users than only have limited privileges. In Linux, that account is called "root". That's all there is to it. It's a user that can do everything on the system.
@Panos_dm: Actually, it's *not* like using sudo. Sudo gives elevated privileges to your existing user account, whereas "root" is a whole separate account.
Nope, sudo actually switches users
i'm a linux user and have been a linux admin in the past so understand the difference between su and sudo. sorry to sound pedantic but i'm still not clear on exactly what happens when you root a phone, i.e. what exactly happens during the rooting process ?
It opens your phone to a whole new array of possibilities.
Sent from my HTC Sensation 4G using xda premium
Carrot Cruncher said:
but i'm still not clear on exactly what happens when you root a phone, i.e. what exactly happens during the rooting process ?
Click to expand...
Click to collapse
In a gist? The "su" binary and the Superuser.apk app get installed. Sometimes doing so requires exploiting a vulnerability via a trigger. Rageagainstthecage is a common trigger. I once had a link that explained what exactly rageagainstthecage does, but I don't have it anymore.
If you really want to know all the details, here's the script I used to root my Defy: http://pastebin.com/G3m9v4FQ
Hmm, I see the script contains a link to the explanation of what rageagainstthecage does. Cool.
many thanks for confirming my understanding of the process.
Conflicts? LG P769 rooted V18. Binary update fails, su reports "The ap su (processom.noshufou.android.su has stopped unexpectedly)" then crashes. Until resolved and certain that su will preserve root would like to prevent ph from forcing update. Have read several methods one is to freeze a couple of scripts w/Titanium, another to delete 24MB ip folder 10e>10g in cache and alter Google Framework. Not sure which is the safest or easiest with apps I already have. That's two requests which will be greatly appreciated: One to resolve su binary fail w/possible app conflicts the other to simply stop OTA until I understand Andoid and the apps better.
Installed: SuperSU (non-pro- no survival mode) , Superuser Elite(over vs from Bin4ry), Smanager Elite, OTA Root Keeper, Titanium BU Pro
btw- No response from ph running Bin4ry? Go to redmondpie com "how-to-set-up-android-adb-and-fastboot-on-windows-tutorial" Only way it worked for me. Followed the directions and was able to view my device in command box prior to executing v18.
note: When editing the string as described, redmondpie, +be sure not to wipe out any part of existing script+ (hit end , blue box turns white). Copied and pasted extracted bin4ry "stuf' in a folder labled Andoid-adb set up in adb environment. Root executed from there first try after dozens of failures w/other methods.
>>not sure if I have valid root restore tools should OTA (already in cache) executes<< >>Meanwhile, which method to prevent OTA execution<<
notes from apps
root checker basic verifies root; voodoo all boxes checked, protected su copy available but note "using both su and SupersSU take care keeping app and su bu consistent" (should not be issue since not the pro vs of SuperSU - no ota survival). edit just started to rept "sys running very slow-pls wait for r-ckr to cmplete.
Superuser elite v3.1.3(46) (downloaded over Bin4ry incl vs) shows no apps, no log, o entries Binary updater fails, "The ap su (processom.noshufou.android.su has stopped unexpectedly" then crashes. "bu written to sd card"black box flashes to say su has been granted superuser permission interactive shell access; access timeout aps not remembered set to 0; auto response set to prompt; ghost mode off; ...
SU updater reports "sigs ok"
SuperSU v0.96: all green # today (but not yesterday); superuser enabled; surv mode not avail (not pro);
Titanium BU Pro root ccess ok, busybox 1.19.4-titanium from ap ; sqlite- yes 3.7.6.-titan incl; All green checks on overview pg; has quite a few red line entries, probably hven't left ph on long enough for bu to complete
; active data pofile- sys rom 1.03gb ; internal 1.93/1.46 free note down from 1.7 when new.
Smanager reports root access Can this app delete cached ota update zip?
Did I err in downloading elite vs of Superuser over the copy already inserted by Binr4y? Thanks.
Hello Archos community,
I have bought the new Archos 50c Neon in early July, because of its nice price-performance ratio and the fact that it runs Android 4.4.2.
I have been able to successfully root it using Chinese "KingRoot", but am looking for an alternative SuperUser app. I already own a license of SuperSU Pro (which I am using for my tablet), but it turns out that the current versions of SuperSU (both 2.46 and 2.49) currently cause a crash when calling "su" from adb - seemingly because the Dalvik VM is unable to instantiate class "android.os.Environment" from SuperSU code when SuperSU wants to display its UI dialog that asks for permission. For the detailed issue description, please see here:
My thread in XDA SuperSU forum: Crash when trying to run su
Unfortunately, Chainfire (the author of SuperSU) from his signature is "away for most of the summer", and I will wait until he's back and then point him to this issue one more time.
In the meantime, I have created a script to successfully remove all remains/remnants of KingRoot (after successful rooting with it) and replace it by Koushik Dutta's OpenSource Superuser package:
https://play.google.com/store/apps/details?id=com.koushikdutta.superuser
http://www.koushikdutta.com/post/superuser
I have attached a ZIP file to this post that includes everything needed to do so - here are the instructions:
Please note that I do not take any responsibilities in case you brick your device, and also note that you void your warranty for the phone when rooting (these should be clear anyway)!
Reset your Neon 50c to factory settings (optional, might be needed in case you run into issues otherwise when removing KingRoot)
Unzip the attached ZIP and copy its contents to the root of the internal SD storage on your 50c Neon (directory /sdcard)
Use the included kingroot_4.0.0.apk to root your phone (allowing to install apks from untrusted sources)
Then, from your PC, open an "adb shell" to your device (you need to activate developer mode and USB debugging in order to do so)
From this adb shell, execute "su" and allow this root access through the KingRoot dialog on your phone. You now have a root shell on your phone.
Open a second adb root shell in the same way to not become stuck in case something goes wrong with the first one
In the first adb root shell, cd to /sdcard and execute my script in the following way:
Code:
cd /sdcard
sh -x ./kingroot_2_koush_su.sh ./busybox ./superuser.zip
and while it is running, press enter three times when "ps | grep king" and "ps | grep k_" show whether there are still processes running on your device that are related to KingRoot. General rule here is: When there are processes still running for the first ("ps | grep king"), something went wrong and KingRoot uninstall will most probably fail, while the fact that only processes matching the second ("ps | grep k_") are found, is normal and will NOT stop the script from working successfully.
When the script has finished, your phone will do a "soft reboot" (from killing zygote). You should do another explicit "hard" reboot afterwards anyway before trying to use the newly installed Superuser package.
I have run this script myself on my device, and am pretty confident that after the script has run successfully, there are no remains/remnants of KingRoot left on my device. The Open Source Superuser app by Koushik Dutta runs without any issues.
Hope this helps - and am still looking for some help with why SuperSU crashes on the 50c Neon although it seemingly has been installed properly...
Best regards,
awl
Great work, thank you very much for sharing this. :good:
I have just successfully followed your instructions and they worked for my new Archos 50c Neon as well.
Just one remark concerning the Kingroot (as the app was confusing me with Chinese that I could not read): Make sure to turn your wifi on before you start Kingroot, otherwise the app won't do anything.
And now my questions:
Do you by any chance know if there is a custom recovery available for the Archos 50c Neon? I haven't found any.
Have you written a debloater script which uninstalls all uninstallable apps?
do you have a custom recovery for this phone as I cannot get the su to up date without it restarting into recovery for the clockwork mod superuser. I have got root but only if i set supersu to grant rather than prompt but this isn't a very secure way as you said the su binary is there but the system isn't allowing the prompt.
Da5t3rati0n said:
do you have a custom recovery for this phone as I cannot get the su to up date without it restarting into recovery for the clockwork mod superuser.
Click to expand...
Click to collapse
AFAIK there is no custom recovery for this phone. I don't own it any more, it had too many weak points, such as most promintently speech quality/microphone and frequent hangups or no sound for one party during 3G telephony.
Sorry & best regards,
awl
awl14 said:
AFAIK there is no custom recovery for this phone. I don't own it any more, it had too many weak points, such as most promintently speech quality/microphone and frequent hangups or no sound for one party during 3G telephony.
Sorry & best regards,
awl
Click to expand...
Click to collapse
Yes first thing I noticed about this phone was the call quality haven't had any dropped calls though also the touch screen is awful only 2 touch. Reasonable hardware though CPU is a spreadtrum 1.2ghz a7 quad core so runs cooler and more energy effient than the a9 with a mali400 mp2 twin core GPU runs Asphalt8 on decent settings and good frame. But sadly let by the touch screen as for SuperSU it roots the phone and if set to grant, root programs run so the problem is with the prompt not being allowed to show. I'm thinking this is more Google security than anything.
Sent from my Bush 5" Android using XDA-Developers mobile app
I'm pretty sure this is the latest version of SuperSU, but every time I reboot my phone I get a message that reads: "The SU binary needs to be updated!", and when I click on the prompt to update it, it always fails and asks me to reboot.
Has anyone else run into this issue, or know how to resolve it? Thanks.
SuperSU APK and the SU binary are two different things :
SU is a binary executable, it's used by Android and other *nix based systems to allow a process to change the user it is run by and therefore what the process has the rights to do (as it inherit the user permissions). In the rooting case, processes invoke SU to switch to the root user therefore acquiring root permissions.
SuperSU is an Android application (.apk is an Android application package), it works as a sort of "gatekeeper" to the SU binary. Applications which attempt to invoke SU will be forced to route through SuperSU, which will then prompt the user with the options of approving or denying the access to SU (and optionally having SuperSU remember their decision and automatically apply it for subsequent calls by that app).
So what happens to you is, every time you boot, SuperSU v2.78 (which is the latest version of the SuperSU APK) checks the SU binary version and tells you that there is a newer version of it and that you should update it.
Then for SuperSU failing to update the SU binary I can't help as for me it always worked till now. But maybe there is a way to manually do it (by finding the binary in a flashable zip that you can flash in recovery)?
bafforosso said:
SuperSU APK and the SU binary are two different things :
SU is a binary executable, it's used by Android and other *nix based systems to allow a process to change the user it is run by and therefore what the process has the rights to do (as it inherit the user permissions). In the rooting case, processes invoke SU to switch to the root user therefore acquiring root permissions.
SuperSU is an Android application (.apk is an Android application package), it works as a sort of "gatekeeper" to the SU binary. Applications which attempt to invoke SU will be forced to route through SuperSU, which will then prompt the user with the options of approving or denying the access to SU (and optionally having SuperSU remember their decision and automatically apply it for subsequent calls by that app).
So what happens to you is, every time you boot, SuperSU v2.78 (which is the latest version of the SuperSU APK) checks the SU binary version and tells you that there is a newer version of it and that you should update it.
Then for SuperSU failing to update the SU binary I can't help as for me it always worked till now. But maybe there is a way to manually do it (by finding the binary in a flashable zip that you can flash in recovery)?
Click to expand...
Click to collapse
Thank you for explaining the difference for me. I went ahead and downloaded the .zip from here: http://forum.xda-developers.com/apps/supersu/stable-2016-09-01supersu-v2-78-release-t3452703/page8
And then used the installation instruction found here: http://androiding.how/how-to-flash-supersu-using-twrp-recovery-and-root-any-android-device/
And I don't seem to be getting the prompt that SuperSU needs to be updated anymore.
Huh. Never mind. Seemed to work for about 12 hours, but now it's asking me to update again, and I can't. Looks like I need step-by-step instructions on how to clear this message, cause whatever I'm doing isn't doing the trick.
Did you disable Sony RIC and dm-verity when you modified the kernel? I'm not sure if it has anything to do with or whether it will solve your problem, but one time I patched my kernel leaving one of the options enabled and ran into all sorts of problems with apps that required root, so after that horrible experience I decided to just disable everything. During that horrid experience, I think I also had SuperSU (or was it busybox?) complain about not being able to update binaries.
my method here will give you a permanent rooted shell and will give you read-only system root which is useful for using root apps to backup data or freeze system apps--works just like real root without being able to delete system contents--freezing apps however works like a charm and should reduce the need for rw root anyway
FOLLOW DIRECTIONS EXACTLY--I WILL NOT RESPOND TO STUPID QUESTIONS--PROBABLY WON'T RESPOND TO ANY QUESTIONS BECAUSE MY DIRECTIONS ARE PERFECT, WORK PERFECTLY WHEN FOLLOWED, AND ARE EASY TO READ. FOLLOW ALL STEPS EXACTLY. IF IT DIDN'T WORK, IT IS BECAUSE OF YOUR ERROR
This works best from a factory reset device, but will work from a already used device but all other root apps and superuser apps must have their data deleted and be uninstalled first
1) make sure device is at least 50% charged--doesn't matter most of the time; better safe than sorry
install latest superuser apk
http://www.mediafire.com/file/dx854fsys5pvxjh/SuperSU.apk
install dirty cow root apk (croowt) [comes from this post https://forum.xda-developers.com/android/software-hacking/root-tool-dirtycow-apk-adb-t3525120
http://www.mediafire.com/file/1hbey829hc7676a/CRooWt.apk
make sure usb debugging is activated in developer settings and make sure you have accepted the debugging access prompt on the phone for the computer you will use
make sure you have an external sdcard installed--the smaller the better for this first time
2) open dirty cow root apk
choose "get root"
choose "method 1"
hit "ok"
choose "ok"
app will direct you to unmount and remount sdcard, choose "ok" and it will take you to storage settings
unmount sdcard
remount sdcard
when finished proceed to step 3
3) open superuser
do not update su binary
go to settings and make the default action "grant"
remove any and all apps from superuser log including the croowt app
3) THIS MUST BE DONE FROM A REAL TERMINAL ON A PC--TERMINAL EMULATORS WILL NOT WORK FOR THIS STEP
from a working pc with adb setup, preferrably linux, input commands exactly as listed
adb shell
su
setprop persist.sys.k P816A06
reboot
5) once rebooted, open dirty cow root apk again
choose get root
choose "method 2"
hit "ok"
choose "ok"
if app asks you to open with a browser, choose one, and choose "always"
screen will go black, systemui will crash and then reboot
6) once systemui is back up and running
you now have read-only root
you can now freeze system apps or backup your data using apps that require root
Your shell will be permanently rooted when accessed from a computer using adb--this will last forever unless you undo the setprop
Your system however will only be temp, read-only rooted until the phone is rebooted.
If you wish to have your temp, read-only root reactivated, all you have to do is repeat step 5 and that is it.
You can do this over and over again.
GIVE STAYBOOGY SOME PROPS FOR MAKING YOUR LIFE WITH THIS PHONE BETTER
Does this only work to back up or freeze applications?
poseidon207 said:
Does this only work to back up or freeze applications?
Click to expand...
Click to collapse
ACTUALLY READ the first sentence of OP
I don't see how freezing system apps would negate the need for a real root method? Is this "Read-Only" root method working with lucky patcher or Kernel Auditor?
Can this be used to bypass the subscription check for tethering? I assume not since system isn't writeable.
Does this method work in the ZTE Maven 3 (Z835)?
I'm doing it wrong, probably
First of all, thank you so much for doing this. I've been following that other thread since it was new, and you've put far more effort into this than the phone or most of us deserve.
I've gotten stuck trying to run Dirty Cow. I have USB Debugging enabled, adb installed on my Linux computer which recognizes my Maven (i.e. I've allowed access on the phone), etc. It eventually goes from "Checking vulnerability" to "Your device is not vulnerable" and I'm unable to proceed to the "Get root" step. What am I doing wrong? Might be some recent system update? Probably less effort to just buy a Galaxy.
Please be gentle. I know I'm a noob.
z812 root
I previously rooted my maven with kingroot and the dirtycow exploit.sh file and today I was overwhelming the device by running multible windows and apps and the phone rebooted and root was still intact....haven't rebooted it again yet but I shall.