Koushik Dutta Releases BETA of Superuser for Android

superuser_feat

Well known Android developer Koushik “Koush” Dutta has taken the wraps of the first beta for his new open source “ClockworkMod Superuser” application. This application is used to control the root-level permissions on “rooted” Android devices, giving the user the ability to individually allow and disallow applications which ask for root permissions.

Of course, anyone running a custom Android ROM will know that there are already applications in place to do just that, Chainfire’s SuperSU and ChainsDD’s Superuser. So why a new one?

Unfortunately, ChainsDD’s Superuser, while originally one of the tools that made rooted Android possible, has stagnated considerably. New Android features, such as the multi-user mode added in 4.2, are not supported in Superuser, and updates in general have been spotty at best (the last update to Superuser in the Play Store was July 2012).

Chainfire’s SuperSU on the other hand has developed very quickly, and has a number of excellent features. But there is a very big problem with SuperSU…it isn’t open source. It seems few people in the community are aware of this, but while SuperSU’s license allows it to be distributed in custom Android ROMs, the source is not available, and ROM maintainers are stuck with binary builds.

Entrusting your device’s security to a closed source application, especially when the majority of the operating system is open source software, is completely asinine. Koush had the following to say:

Superuser should be open source. It’s the gateway to root on your device. It must be open for independent security analysis. Obscurity (closed source) is not security.

Google+

Features

  • Multiuser support
  • Free
  • Leverages Android’s permission model
  • Logging (and per app logging)
  • Pretty UI
  • PIN Protection
  • Request Timeout
  • Customize notifications
  • x86 and ARM support.
  • Handle concurrent su requests properly
  • NDK clean

Downloading

Users can install this beta from ROM Manager, or download the installer manually. Note that this is not an APK package, it has to be installed through recovery mode.

Finally, the whole goal of this project in the first place, the source code, is available now on GitHub. Noticeably absent from the GitHub repository is any information on licensing, so it looks like that might still be up in the air at this point.


Tom Nardi

Tom is a Network Engineer with focus on GNU/Linux and open source software. He is a frequent submitter to "2600", and maintains a personal site of his projects and areas of research at: www.digifail.com .

Related posts

Top