What are the security implications of MicroG?

[Darin755]

I apologize if this is the wrong place to ask this. What are the security implications of MicroG? I think that the signature spoofing requires root but I don't fully understand the attack surface. Does the entire MicroG core service run as root or is it just part of it?

If there is different place I should ask this let me know.

[ale5000-git]

Signature spoofing doesn't require root to work. If the ROM support it out of the box, no root is required. If the ROM doesn't support it out of the box, you can just root, patch and then unroot.

microG never require or even use root.

[lucasmz-dev]

If you wanna run microG unprivileged (running it privileged still doesn't mean root! just extra permissions to do things better, basically how your dialer app is a system app) then LineageOS does that (DivestOS doesn't "support" it) if you just install microG as an user app.

The signature spoofing implemented in CalyxOS, LineageOS and DivestOS are all restrictive and only work for microG, to do what it is intended to do only, pretend that microG is Google Play Services to other apps.

microG is highly configurable and you set it to only do what you want it to, basically.

You can also run microG off-line by not enabling any of the device registration settings, push notifications, etc, that gives you a basic compatibility layer for some apps so that they don't crash immediately.

I'd leave "Remember from GPS" though.

microG is OK for security.