Sunday, April 12, 2015

security - How do I protect my phone from malicious apps once it is rooted?


I rooted my phone.


Now if I use a terminal emulator such as Android Terminal Emulator, I noticed that I can easily obtain root access without a password:



$ id
uid=10059(app_59) gid=10059(app_59) groups=1015(sdcard_rw),3003(inet)
$ su
# id
uid=0(root) guid=0(root) groups=0(root)

In the Unix server and desktop world, a superuser account with no password is considered dangerous because the superuser account has access to all resources on the machine.


Is this similarly dangerous on an Android phone? If so, how can I protect my phone from malicious apps which try to gain root? Can I manage which apps have access to the superuser account on this phone?



Answer



There's a similar question which covers some of this: Security risks of rooting your android smartphone. However, since it doesn't really explain how you manage access to the root user, I'll expand on that here.



When you root your device, you basically always (technically I suppose you don't have to, but you should) install the Superuser application along with the su binary. Superuser's sole purpose is to manage which applications are permitted to elevate to root and which are not. The default behavior is that Superuser will prompt you whenever a new app tries to execute a call to su, and you can then allow or deny it using the prompt. It can save your decisions so that you won't get prompted more than once for the same app, but you can erase this saved data from the Superuser settings page. It also provides a log viewer which keeps track of when su is accessed and by which applications.


Now, the tricky part is that many of the newer malicious apps will actually perform an exploit to gain root access rather than simply trying to make a call to su. There's really not much you can do about these aside from being careful about what you install and where you install apps from since they aren't even using su to begin with. However - to directly answer your question - apps which require legitimate root access can be easily managed by Superuser as explained above.


If you are rooted but don't already have Superuser then you should be able to simply install it from the Market, I believe.

