This significantly reduced the amount of interaction root app developers had to have with SELinux - many apps needed no changes.Īs this no longer works, SuperSU now patches the SELinux policy so that virtually all common cases root apps encounter should be covered. While full permissive mode had been disabled on Samsung firmwares for a while already, we could (and did) switch individual types to permissive mode.įor example, the 'init' context, where commands run through 'su' are usually executed with SuperSU, was one of these permissive contexts. Second, they finally killed off per-type permissive mode. While they undoubtedly had a brilliant reason for this, this is annoying for developers (both root and non-root) as seemingly random failures are often related to SELinux violations, and you no longer have a way to spot those.Īs such, SuperSU now disables all AUDITDENY rules in the SELinux policy. In English, that means they took a pretty convoluted (and possibly performance degrading?) route of disabling policy violation logging. While the previous SuperSU versions worked fine out-of-the-box with Samsung's beta 6.0 firmwares, the retail firmwares had some extra 'security'.įirst, they AUDITDENY'd nigh every possibly permutation of SELinux rules. The important thing this release is compatibility with the new Samsung 6.0.1 retail firmwares. Today's beta update to SuperSU comes with a number of bugfixes and changes, as is usually the case. Some formatting may be lost, links may be dead, and images may be missing.
NOTICE: This content was originally posted to Google+, then imported here.
0 kommentar(er)
