• chonglibloodsport@lemmy.world
    link
    fedilink
    arrow-up
    6
    arrow-down
    9
    ·
    edit-2
    7 months ago

    The issue is that you don’t want to give some random untrusted process root access. You, the user, have root access as long as you’re capable of running processes as root, but that doesn’t mean you should.

    There could be tons of apps on the iOS App Store or Google Play Store that are completely benign under the existing security model but do nefarious things when run as root. No one knows that for sure because they aren’t tested under root by Apple or Google.

    The problem with root is that it’s giving the process the keys to the Ferrari. That’s long since been decided to be a bad security model. Far better to have the process request permission to access particular resources and you grant them on a case by case basis.

    • kick_out_the_jams@kbin.social
      link
      fedilink
      arrow-up
      11
      ·
      edit-2
      7 months ago

      The issue is that you don’t want to give some random untrusted process root access.

      It’s been awhile since I’ve used anything but Magisk but usually you have to set root permissions per app, or you can get Magisk notification to request access.

    • bort@sopuli.xyz
      link
      fedilink
      arrow-up
      8
      arrow-down
      2
      ·
      7 months ago

      I just want to point out, that what you are saying sounds good in an ideal world. But the realitiy looks different. (I actually typed out some points, but then I remembered that I don’t want to engage in yet another lengthy internet-debate, that ultimately comes down to personal preferences and philosophy)