02
Jun
thumb

Just a quick heads up for those worrying that the changes that will at some point probably cripple write access to /system even for root-enabled apps did not make it into Android 4.4.3.

This means you can remount /system as read-write, just as before, change build.prop, push APKs to /system/app, and do whatever you want without rebooting into recovery.

For now, you're safe. But probably not for long. And when the hammer drops, we'll have yet another reason to opt in for a custom ROM or kernel, because nobody can take our freedom, not even the mighty El Goog.

Artem Russakovskii
Artem is a die-hard Android fan, passionate tech blogger, obsessive-compulsive editor, bug hunting programmer, and the founder of Android Police.
Most of the time, you will find Artem either hacking away at code or thinking of the next 15 blog posts.

  • Daniel Traynor

    God damn!

    • http://www.androidpolice.com/ Artem Russakovskii

      Why? The sky's not falling.

      • Daniel Traynor

        It will be !! Lol

      • EH101

        "For now, you're safe. But probably not for long."

        This implies it is... perhaps just very slowly.

        • h4rr4r

          So then you boot a kernel without selinux, or you write the correct selinux polocies. not a big deal.

    • maysider

      I really do not like the Sundar Pichai times!!!! He is going to cripple Android, he wants to steal our freedom.....and we will leave.

  • Nathan

    Yeah, I have root.

  • Carlos Rodríguez

    Yep, I already replaced my hosts file and added a spnconf.xml to change my carrier's name.

    Cheers!

  • ufish2

    devs always have a work around...listen to jcase...;)

  • h4m

    Yep it works, I already made changes in fallback_fonts.xml so that Japanese characters instead of Chinese characters are shown. That's a serious flaw for years already and Google does nothing to fix that issue! >_<

  • Rod

    Artem,

    Please elaborate about the camera focus issue.

  • Frankie

    Is it coming for HTC?

    • Rod

      Yes, in 2015

  • Evan Cm

    As I have been saying on every article about this, let's stop freaking out about the loss of root. Google has no choice but to fix security flaws in Android, but so far they've struck a good balance between security and openness. Ultimately let's see what the final product is before we rush to judgment.

    • http://twitter.com/anishbhalerao Anish Bhalerao

      This.
      OR
      We can complain a bit, hoping that Google just adds an option to enable write to /system in Developer Options. That's what Developer Options is for, right?

      • EowynCarter

        People who need this can also remount with the proper rights.

        i was more annoyed when google decided third party apps couldn't activate gps anymore...a "toogle gps" permission would have done.

        • http://robert.aitchison.org raitchison

          Apparently with the new changes (coming in the future, not in 4.4.3) you won't be able to remount to get R/W access to /system. If you need to change something in /system you will need to have/build a flashable ZIP and boot into (a custom) recovery.

          As for the toggle GPS, of course Google wants people to leave GPS (as well as WiFi) enabled all the time which is why they blocked non-root access to those settings from apps.

          • EowynCarter

            Gps still off for me.

            I think it's to prevent rogue app from activating gps without the user being aware of it.

            And wifi toggle still works.

          • h4rr4r

            Or you boot a kernel that does not enforce these restrictions.

  • Max Pilat

    So is 4.4.3 FINALLY out?

  • Matthew Fry

    The Goog giveth, the goog taketh away.

    • primalxconvoy

      And the customer giveth monies and interest, and the customer doth go to iPhone if need be.

      • jay555

        And the customer doth cuts his nose off to spite his face.

    • Customer

      The customer chooseth, and the customer chooseth someone else.

      • http://robert.aitchison.org raitchison

        True, though the competition is already considerably worse off in this regard.

  • http://iron2000.blogspot.com/ iron2000

    Apple Cook told the folks in the Apple dimension about mobile malware, will Google go with that and push forward anti-root features in the next Android?

  • hp420

    I'm seeing reports stating this is not true with the OTA Nexus 4 update. Apparently the factory image and OTA are diffirent builds again...is there maybe some difference with OTAs and factory images, now?? Perhaps the root permissions are the deciding factor? It would make sense to offer r/w in /system via factory images, but block it with OTAs, since Google doesn't care, but carriers seem to.

  • abobobilly

    Right. Like thats gonna give us any comfort if it doesn't cripple /system write access. Why messing with SDCards :( Frigging Google.

  • mrjayviper

    2 years ago, I had an iphone. But I often hear about people installing ROMs (specifically CM) into their phones. 1 reason I moved into the Google platform is the openness of the software. if somehow this disappears, then I wouldn't hesitate going back to iOS.

    • mustbepbs

      Well iOS 8 is getting a lot of the same features we take for granted on Android, so you probably won't miss much.

  • wk

    Indeed! They can take our root access, but they shall never take our FREEEDOM!!!

  • 443_HOLO_HERA

    443 root it. le androidcirclejerk army is here!!!! DUARTE WILL NEVER NEVER FAIL US

  • Matthew Skalecki

    I'm slightly distressed that so many concerned people are completely ignoring the implications of Free Software to this situation. We are aware of this upcoming change directly because of the Linux kernel's GPL, and users who require write access to /system will be able to recover it for the same reason, by simply flashing a kernel compiled with the SELinux changes removed.

    THIS is exactly why Free Software exists.

    I personally welcome the SELinux enhancement and believe that modifying /system outside of OS installation and updating (ie. flashing from recovery) is an inherently flawed practice. Files which must be regularly updated ought to live elsewhere. That said, as a pragmatist, I understand that there may be inescapable reasons why one must break that purity. Again, this is why we should be glad that the kernel is Free Software.