The Death of Root

Android 4.3 introduces some new and much needed security features which not only restrict setuid binaries on the system partition (su), but also limit the capabilities of processes. In the current architecture, even if you could get elevated privileges, you can't do anything out of the ordinary. Root in the shell via ADB is all I use, and it still works just fine.

This isn't a problem for me, since I use CM. When there is a situation that I'd need root, I just modify the system to accomodate what I'm trying to accomplish in a secure way. I can understand the desire to have full root on stock ROMs, since you're severely limited in what you can do and there is no provision for making any sort of real changes or improving the architecture. 

+Koushik Dutta and +Chainfire are working hard to permit root in some way on 4.3, but I feel that anything done at this point might severely compromise the security of the system and we should start considering better options.  Going forward, I'm interested in building framework extensions and APIs into CM to continue to abolish the root requirement.

A few good use cases for root are:

 * Firewalls and network software, potentially requiring raw sockets.
 * Managing the DNS resolver
 * Tweaking various sysfs nodes to control the kernel

All of these can be done without exposing root, and they can be done in a very secure way.

If you're using CM or another custom ROM, what do you actually use root for?
Shared publiclyView activity