Titokhan / boot-unlocker-gnex

Automatically exported from code.google.com/p/boot-unlocker-gnex
Apache License 2.0
0 stars 1 forks source link

Forbid OTA update when bootloader is locked #30

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago
Current setup (if I'm right) may end up in undesired situation if one uses a 
secure setup (I mean setup no one can abuse by rebooting to unprotected 
fastboot/recovery):
* phone is rooted (and BootUnlocker is installed)
* bootloader is locked
* stock recovery
* OTA update is proposed and accepted
=> oops!
* phone is not rooted anymore
* bootloader is locked
* stock recovery
=>
At that point one will have to use again fastboot oem unlock and erase 
everything

So what I'm doing on my phone:
 echo "# Remove me to allow OTA update" >> /system/build.prop

This makes sure nobody can apply OTA by accident before unlocking bootloader 
(to allow booting on alt recovery and applying rooting again)

This could be actually a feature of BootUnlocker:

Prevent automatically that OTA updates can be applied (and root access lost) if 
bootlocker is locked.

Some details of the full procedure: 
http://wiki.yobi.be/wiki/Android#Rooting_and_OTA

I know rooting software try to preserve root access over OTA but by experience 
over those last OTA, it often fails so it's critical to have an unlocked 
bootloader when applying OTA update.

Original issue reported on code.google.com by yob...@gmail.com on 20 Jun 2014 at 9:06

GoogleCodeExporter commented 9 years ago
I sympathize here; I've made that mistake myself.

However, I don't particularly want to mess with people's build.prop; there are 
too many possibilities for problems here. I would rather tamper with some other 
less-important file.

Original comment by jmason...@gmail.com on 9 Jan 2015 at 10:53

GoogleCodeExporter commented 9 years ago

Original comment by jmason...@gmail.com on 9 Jan 2015 at 8:33

GoogleCodeExporter commented 9 years ago

Original comment by jmason...@gmail.com on 9 Jan 2015 at 11:13