It would be great if we had a fine-grained access control mechanism where the user could specify that AccA may write to anything in /sys/class/power_supply and AdAway may write to /etc/hosts, but neither can access any *other* system files. Apps that use root almost always need a fairly narrow set of elevated privileges.
Android already has everything it needs to support that under the hood with SELinux. A UI for it would allow users full control of their devices with a reduced attack surface area.
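To make the per-app allowlist idea concrete, here is an added toy model (my own illustration, not code from this thread, from GrapheneOS, or from Android's SELinux machinery). It keeps a deny-by-default table of write rules per app, normalises the requested path before matching, and matches directory rules only on a path-component boundary, which is the part people usually get wrong. The app names and paths are the ones from the comment above; the rule table and function names are constructed for the example.

```python
import posixpath

# Constructed allowlist modelled on the comment above: a directory prefix
# (trailing "/") grants writes to anything beneath it, a bare path grants
# exactly that file. Any app or path not listed is denied.
APP_WRITE_RULES = {
    "AccA": ["/sys/class/power_supply/"],
    "AdAway": ["/etc/hosts"],
}


def canonical(path: str) -> str:
    """Collapse '.', '..' and repeated slashes so every path has one form.

    This is a lexical normalisation only; a real enforcement point would also
    have to resolve symlinks, which this model deliberately does not attempt.
    """
    if not path.startswith("/"):
        raise ValueError("absolute path required")
    return posixpath.normpath(path)


def may_write(app: str, path: str) -> bool:
    """Return True only if an explicit rule for this app covers the path."""
    target = canonical(path)
    for rule in APP_WRITE_RULES.get(app, []):
        if rule.endswith("/"):
            base = rule.rstrip("/")
            # Match on a component boundary: "/sys/class/power_supply/..." is
            # allowed, "/sys/class/power_supply_other/..." is not.
            if target.startswith(base + "/"):
                return True
        elif target == rule:
            return True
    return False


if __name__ == "__main__":
    checks = [
        ("AccA", "/sys/class/power_supply/battery/charging_enabled"),
        ("AccA", "/sys/class/power_supply/../../kernel/something"),
        ("AccA", "/sys/class/power_supply_other/x"),
        ("AdAway", "/etc/hosts"),
        ("AdAway", "/etc//hosts"),
        ("AdAway", "/etc/passwd"),
        ("Unknown", "/etc/hosts"),
    ]
    for app, path in checks:
        print(f"{app:8} {path:50} -> {'allow' if may_write(app, path) else 'deny'}")
```

The `..` and double-slash cases show why normalisation has to happen before the comparison: without it, a literal prefix check would either let a traversal through or reject a legitimate spelling of an allowed file.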
It breaks their sandboxing model, which limits the impact of malicious/compromised apps.
To be clear, I'm not arguing against root here. I daily a rooted phone, and I believe if it's impossible to get root on something, it isn't really yours. You can get root on GrapheneOS; they just discourage it because they're strongly focused on security.
They're right. If a bug in AdAway, which needs root to write /etc/hosts, caused it to fetch and execute malicious code, the malware could do anything I can do to my device. The scenario is plausible; it routinely fetches blocklists, and I imagine a sophisticated enough attacker could compromise the delivery mechanism.
I don't worry about that scenario because it's unlikely that kind of attacker will target me. GrapheneOS is meant for people who do have to worry about that kind of thing.
@Onomatopoeia @Zak@lemmy.world