On Tue, Nov 9, 2010 at 4:18 PM, scoleman95 <[email protected]> wrote:
> aww come on Dianne help me out here LOL..ok let me rephrase this > question.. Is there any way to stop rooting of a device and if so how? > Actually my answer is the only one there is. An Android user build doesn't let users or apps get root. Anything that is getting root is exploiting a security hole. Thus to prevent things from getting root, you need to ensure there are no such holes. If you care about security on your device, they are a few big things you can do to improve it: (1) Be aggressive about delivering platform updates to the devices, since these have security fixes. (2) Contribute any fixes for security issues you find to the platform. (3) Make sure that the implementation of Android on your device follows the same security approach as Android: as little as possible running as root, as little as possible signed with the platform cert and running as the system uid, no back-doors to allow your code to do things that normal applications can't, verify the drivers you get from the hardware vendors don't have big security holes, etc. However, you clearly can't guarantee there is no security hole, so the only honest answer to your question is "you can't." -- Dianne Hackborn Android framework engineer [email protected] Note: please don't send private questions to me, as I don't have time to provide private support, and so won't reply to such e-mails. All such questions should be posted on public forums, where I and others can see and answer them. -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
