Note from Artem: The post's author, Justin Case, also known as jcase in the Android community, is an xda Elite Recognized Developer, AP team member, and an all-around knowledgeable guy when it comes to Android's internals. When he speaks, I tend to listen.

The Android world was slapped in the face when well-known developer AndreiLux made a post in the XDA Galaxy S4 forum titled [Info] Rooting will be impossible on newer stock kernels.

His post has caused some unwarranted drama in the community, and I wish to set this subject straight as much as I can. AndreiLux is pointing out a new feature in Samsung Galaxy S4 kernel called CONFIG_SEC_RESTRICT_SETUID. This feature helps prevent processes (like malware, exploits, or su) from changing a normal user to root (or system, etc.) user by using SETUID. His title can be easily misunderstood by those who are not well-versed in Android development, but his information is basically correct.

This new feature does not stop users from rooting. Samsung has long been a silent champion of the developer community. The vast majority of their products are unlocked and allow users to install custom firmware, with the exception of some Verizon and AT&T products, and they are one of the speedier manufacturers with releasing kernel sources.

AndreiLux tells us installing a custom kernel will still allow us to have root access on our Galaxy S4. So what does this new feature really do? It tries to prevent malware from abusing exploits like Exynos-abuse to gain root, and a consequence of that is disrupting how Superuser works on our phones. Solution? Install a kernel with the feature disabled and give up some security for more freedom.

Bottom line, Samsung is trying to protect the average user from malicious activity, while still giving our community the access we want (ability to root our phones). If you complain about this feature, then you should lose the right to complain about Android security missteps in the future.

My two cents.

Update: XDA Recognized Developer jeboo posted a 1-byte binary patch to disable CONFIG_SET_RESTRICT_SETUID.

tl;dr: The latest Exynos Galaxy S4 kernel update makes your phone safer, more secure, and ultimately doesn't prevent you from having root.