Hello, I’m wandering if there is a rooting community on lemmy? Can someone please link me to it if it’s the case? Thx!

  • random65837@lemmy.world
    link
    fedilink
    English
    arrow-up
    12
    arrow-down
    3
    ·
    1 year ago

    You’re ignoring context. Yes, rooting let’s say, a stock OS on Android does give you more control, including things that can secure it more, but that doesnt change the fact that it does open holes for both physical and remote exploits that would go after system level changes. Thats not debatable, thats simply howba *nix/BSD based OS functions. Thats also ignoring that having the root acct enabled means leaving the bootloader unlocked which means no verified boot, anybody that attempts to claim thats not a gaping security issue has no place commenting on mobile phone security.

    Thats why most *nix based OS’ starting disabling root accounts by default and want you to use sudo instead.

    • jard@sopuli.xyz
      link
      fedilink
      English
      arrow-up
      4
      ·
      edit-2
      1 year ago

      Not only are root accounts themselves disabled by default, but it’s also highly recommended that any methods of remote and local login to root are disabled. It’s literally the most basic hardening step you can do for any Linux setup.

      My VPS gets hit by tens of thousands of attempts to SSH into root every single day. My fail2ban jail for ssh alone get so absurdly large that it fills my remote terminal, and that’s not even including the fact that I ban by CIDR blocks, not individual IP, so I have hundreds of IPs blocked for a single fail2ban entry.

      None of those attempts are actually successful as I’ve completely disabled password authentication and logins to root. The last thing I would want on my phone is full, unadulterated root access for that reason alone.