Chainfire Drops Some Superuser Knowledge
When you say “superuser” some might make the mental jump to an image of Superman flying around with a computer strapped to his back and a keyboard in hand to ward off the hacking attempts of mere mortals; others might jump to an image of Wonder Dog helping Wendy and Marvin fight the super villains; and still others will wonder if you’re referring to the latest culinary creation down at the corner of 8th & Sixth in NYC. Regardless, it evokes imagery that requires context to decipher what it is you’re discussing.
In the context of Android, Superuser has become synonymous with the Superuser app created by XDA Recognized Developer ChainsDD that grants you (and applications) root privileges by allowing you to accept the request or not. His app and process for obtaining root were the only options on the block for a long time, until XDA Elite Recognized Developer Chainfire sought a different solution to requesting and granting root privilege requests. The result of that endeavor was SuperSU, which has increasingly become a mainstay and is being included in more and more new custom ROM development these days.
Back in July Chainfire started a discussion on Google+ about his investigations on how developers were using root privileges, and had this to say about what he had begun to find:
Since I started writing SuperSU, I have investigated and reverse engineered a large number of apps that had problems with SuperSU, Superuser, or both. Aside from a few bugs in SuperSU (yes, they do happen), by far most problems were one of these two:
(1) Improper code calling “su”. I’ve seen a lot of weird Java code to execute commands as root – some you would not believe!
(2) Calling “su” from the main UI thread. “su” can be a blocking call. There is no excuse to run it from your main thread. EVER.
Even though #1 is not insignificant, #2 here is by far the most likely reason of crashes of a rooted app !
He then promised that he would have more to share after his holiday, and the Big Android BBQ is where he first teased us with his findings. He presented information about the correct (and incorrect) ways for an application to request root privileges and then promised that he would release his full article along with sample code. Now, he has. You can visit the original thread for more information or read the article on his website.