Hostile to root

Posted Jul 25, 2025 7:13 UTC (Fri) by wsy (subscriber, #121706)
Parent article: Graphene OS: a security-enhanced Android build

As a grapheneos user, my only complaint is its lack of support for root permission. I have to use a custom build of magisk and keep the bootloader unlocked. I don't think giving device owner root permission weakens the security of the system. With root permission, I can use more tools to monitor and control how apps work.

Hostile to root

Posted Jul 25, 2025 10:15 UTC (Fri) by numgmt (guest, #167446) [Link] (2 responses)

The GrapheneOS developer community vehemently disagrees with the notion that rootful Android does not weaken the security of the system.

Notably, without Verified Boot, malware persisting at the lowest levels of the device is possible. It prevents rootkit persistence. Without verified boot, you have no guarantees. This is a compelling reason to have a locked bootloader with verified boot enabled.

In fact, it's a big reason why the Pixel is the only device GrapheneOS supports. Few other OEMs produce phones that allow you to re-lock the bootloader.

That being said, if GrapheneOS didn't exist, I'd be running rootful LineageOS or whatever the heck would get me a halfway decent experience instead of stock.

Hostile to root

Posted Jul 25, 2025 16:09 UTC (Fri) by wsy (subscriber, #121706) [Link]

Verified Boot does not mean owners can't have root permission. I just want to do whatever I want to 3rd party apps without modifying the system. I do understand most people don't need that. But for me a device without root is not my device.

Hostile to root

Posted Jul 31, 2025 17:29 UTC (Thu) by raxod502 (subscriber, #172505) [Link]

I would certainly agree with your use of the word "vehemently" to describe how GrapheneOS developers talk about root access. It honestly makes it really tiring to engage in their community in a meaningful way if you aren't on exactly the same page about every detail, and if you don't have exactly the same threat model as the core developers.

Yes, of course my having root access to my device makes certain types of attacks possible that were previously impossible, but on the other hand it also makes certain other types of attacks impossible that were previously possible. Everyone has a different threat model and the inability to recognize this seems both patronizing and unproductive to me. "Only a Sith deals in absolutes", right?

And if having root access to your device compromises it so severely that it's not even worth discussing, should we all throw our laptops and desktops in the dumpster? Is Linux cancelled because it doesn't have System Integrity Protection like macOS...?