evdenis / adb_root

Magisk Module that allows you to run "adb root". Android 10 only. Probably will work with Android 9. Definitely not with Android 11/12.
GNU General Public License v2.0
450 stars 76 forks source link

Make it a bit more secure #20

Open BienGudBoy opened 1 year ago

BienGudBoy commented 1 year ago

The idea is to make this module more secure by design, while still allow root debugging for developers/users.

Instead of:

int adbd_main(int server_port) {
     // descriptor will always be open.
     adbd_cloexec_auth_socket();

     auth_required = false;

     adbd_auth_init();

We can modify the original function's prop to something different, like:

int adbd_main(int server_port) {
     // descriptor will always be open.
     adbd_cloexec_auth_socket();

    if (android::base::GetBoolProperty("ro.adb.insecure", true)) {
        auth_required = false;
    }

     adbd_auth_init();

Then, adbd will check for ro.adb.insecure instead of ro.adb.secure. This also avoid SafetyNet detection. By default, ro.adb.insecure should be false, so that if the phone gets connected to a new/unknown PC, it won't just trust and give all root permissions. The user can revert to the old behavior with ro.adb.insecure=true if they need (like for example a dead phone display).