latest
KernelSU reborn: Developer ports kernel-assisted root access to GKI compatible devices
A Magisk successor at last?
Among the Android modding circles, there's no app more recognizable than Magisk. It has a well-earned reputation as the de facto standard for rooting your phone, tablet, and really just about anything that runs Android. While Magisk managed to establish itself as the successor to Chainfire's SuperSU, the aftermarket development community stumbled on multiple root solutions during the transition phase. Apart from the notable ones, e.g. the LineageOS su add-on or XDA Recognized Developer phhusson's SuperUser, we also came across unique implementations, such as Kernel Assisted Superuser (KernelSU) by Jason Donenfeld AKA XDA Recognized Developer zx2c4.
WSL Hello sudo brings Windows Hello authentication to Windows Subsystem for Linux
This open-source app lets you authenticate sudo requests made under Windows Subsystem for Linux (WSL) using biometric login of Windows Hello.
The Windows Subsystem for Linux (WSL) is an important part of Windows 10. Originally meant for developers building web and cloud applications, WSL nowadays turned into something a lot more powerful that brings two very different operating systems together. Since WSL 2, the Linux layer is powered by a variant of Microsoft's Hyper-V virtualization technology, and it ships with a Microsoft-compiled and supported Linux kernel. The integration between WSL and the underlying Windows 10 is so flexible that one could easily run Windows tools from the Linux command line and vice-versa.
PSA: If your PC runs Linux, you should update Sudo now
Researchers at Qualys have discovered a security vulnerability in the Sudo program that can be exploited to gain root access on Linux PCs!
Despite the fact that tens of thousands of contributors actively pore over the source code of the Linux kernel and various Unix utilities looking for security flaws, it's not unheard of for serious bugs to go unnoticed. Just a day ago, the folks over at Qualys revealed a new heap-based buffer overflow attack vector that targets the "Sudo" program to gain root access. The bug this time seems to be quite serious, and the bug has existed within the codebase for almost 10 years! Although the privilege escalation vulnerability has already been patched, it could potentially be exploited on nearly every Linux distribution and several Unix-like operating systems.
LineageOS is dropping its own superuser implementation, making Magisk the de facto solution
LineageOS 17 will no longer recommend its own addonsu package, making Magisk and Magisk manager the de facto choice for superuser binary and management.
LineageOS is one of the most popular custom ROMs available for Android devices, if not the most popular custom ROM out there. This custom ROM takes Android as found on the Android Open Source Project (AOSP) and adds its own flavor on top of it. A lot of custom ROMs tend to then adopt LineageOS as their own base, so any major change that LineageOS undertakes for itself tends to propagate throughout the custom ROM community. The developers behind LineageOS are aware of this repercussion and make informed decisions accordingly. The upcoming release of LineageOS is significantly changing how root access is handled, as the ROM is dropping support for its own addonsu binary in favor of Magisk.
It's really hard to imagine XDA without SuperSU. The most popular and essential root application has been providing root access and management on Android devices for years. Unfortunately, the latest versions weren't working entirely properly, so XDA Senior Recognized Developer Chainfire made a statement to shed some light on the problem.