No password protection on superuser #2

@GoogleCodeExporter

What steps will reproduce the problem?
1. Install superuser on a rooted android phone
2. Open a shell and run 'su'
3. Note that you're asked if you want to give that app permission to run as super-user, but there is no password.

What is the expected output? What do you see instead?

I expect to be asked for a password before being granted su access. As it stands, this looks like it could be used by someone who got hold of my phone to, for example, get my gmail password from the gmail app.

Now I know that with physical access they could always flash the phone anyway, but this changes the attack from 'root the phone', including multiple restarts, to 'enter a few shell commands'.

The fix could be something as simple as enabling the lock screen (requiring the user to unlock the phone, even if the lock screen is not normally enabled) when bringing up the 'allow'/'deny' screen. That would add a password, but in a way that is relatively unobtrusive.

Original issue reported on code.google.com by will.ut...@gmail.com on 16 Jan 2010 at 9:18
