The idea is to make this module more secure by design, while still allow root debugging for developers/users.
Instead of:
int adbd_main(int server_port) {
// descriptor will always be open.
adbd_cloexec_auth_socket();
auth_required = false;
adbd_auth_init();
We can modify the original function's prop to something different, like:
int adbd_main(int server_port) {
// descriptor will always be open.
adbd_cloexec_auth_socket();
if (android::base::GetBoolProperty("ro.adb.insecure", true)) {
auth_required = false;
}
adbd_auth_init();
Then, adbd will check for ro.adb.insecure instead of ro.adb.secure. This also avoid SafetyNet detection.
By default, ro.adb.insecure should be false, so that if the phone gets connected to a new/unknown PC, it won't just trust and give all root permissions. The user can revert to the old behavior with ro.adb.insecure=true if they need (like for example a dead phone display).
The idea is to make this module more secure by design, while still allow root debugging for developers/users.
Instead of:
We can modify the original function's prop to something different, like:
Then, adbd will check for
ro.adb.insecure
instead ofro.adb.secure
. This also avoid SafetyNet detection. By default,ro.adb.insecure
should be false, so that if the phone gets connected to a new/unknown PC, it won't just trust and give all root permissions. The user can revert to the old behavior withro.adb.insecure=true
if they need (like for example a dead phone display).