you should be careful about installing arbitrary aplications to your dev phone. Writing an application to execute "su" via JNI takes like 1 minute...
Marco P. wrote: > Thanks for your answer, > your pointer led to some interesting finds. > For anyone interested > http://forum.xda-developers.com/showthread.php?t=449536 > http://code.google.com/p/superuser/ > > So if JF's image needs to include superuser, the "bug" is/will be > there in RC33/1.1-h/1.1-to_be_released? > > > On Feb 13, 6:14 pm, Disconnect <[email protected]> wrote: > >> Install "superuser" (used to be in market, not sure where it is now.) >> >> Or JF's ADP1 image, which has it by default. (http://jf.andblogs.net/) >> >> On Fri, Feb 13, 2009 at 8:23 AM, Marco Bridge <[email protected]>wrote: >> >> >> >> >>> I recently got an ADP1, >>> one of the first applications i tried is Terminal Emulator by Google. >>> >>> Entering 'su' at the prompt is sufficient to get a root shell, without >>> any password. >>> >>> Isn't that a security issue? >>> For example, can't another application obtain the same privileges and >>> do whatever on my phone? >>> Moreover the only 'permission' required by the terminal app is >>> 'network access', >>> 'root access' is not mentioned.. >>> >>> I suppose this is possible for ADP1 only, >>> but since i use mine as a main phone, can i turn this off? >>> (i.e. require a password at least) >>> >>> Ciao >>> M >>> > >
