You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The idea is to make this module more secure by design, while still allow root debugging for developers/users.
Instead of:
int adbd_main(int server_port) {
// descriptor will always be open.
adbd_cloexec_auth_socket();
auth_required = false;
adbd_auth_init();
We can modify the original function's prop to something different, like:
int adbd_main(int server_port) {
// descriptor will always be open.
adbd_cloexec_auth_socket();
if (android::base::GetBoolProperty("ro.adb.insecure", true)) {
auth_required = false;
}
adbd_auth_init();
Then, adbd will check for ro.adb.insecure instead of ro.adb.secure. This also avoid SafetyNet detection.
By default, ro.adb.insecure should be false, so that if the phone gets connected to a new/unknown PC, it won't just trust and give all root permissions. The user can revert to the old behavior with ro.adb.insecure=true if they need (like for example a dead phone display).
The text was updated successfully, but these errors were encountered:
The idea is to make this module more secure by design, while still allow root debugging for developers/users.
Instead of:
We can modify the original function's prop to something different, like:
Then, adbd will check for
ro.adb.insecureinstead ofro.adb.secure. This also avoid SafetyNet detection.By default,
ro.adb.insecureshould be false, so that if the phone gets connected to a new/unknown PC, it won't just trust and give all root permissions. The user can revert to the old behavior withro.adb.insecure=trueif they need (like for example a dead phone display).The text was updated successfully, but these errors were encountered: