Originally Posted by Macrodroid
Ok, I'm sure - the answer to this is in here somewhere, but an hour searching is enough...
What exactly does the s-on mean in the hboot? I started from leak 1, upgraded to leak 3, then root. My hboot shows s-on... How does this affect my phone?
Sent from my Froyo Eris using XDA App
The first "root" which was gained on the Eris was via a leaked HTC "Engineering" ROM which had the 1.49.2000 S-OFF bootloader. An "S-OFF" bootloader has normal security checks suppressed, so that you can use the "fastboot" utility with the phone's bootloader in "FASTBOOT USB" mode to write to various partitions, including the recovery partition. In addition, that same Engineering ROM allowed you to obtain a root shell via the "adb" (Android Device Bridge) tool in the SDK, so you could also write to partitions (including the recovery partition) with the OS of the phone booted.
The way that rooting occurred in most of the early cases was similar to what we do now: as a first step, the recovery boot partition is replaced with a custom recovery (Amon_RA v1.6.2), and then after that a replacement OS is flashed via the (Amon_RA) recovery boot. In a way, the S-OFF bootloader was sort of "free" - you had to apply the Root-ROM (PB00IMG.ZIP) file to the phone using the bootloader HBOOT mode, and this would flash all partitions on the phone.
In any event, if you look at earlier posts, they are dominated by discussions of "what bootloader version do you have" - because if you had a 1.46.0000 S-ON, or 1.47.0000 S-ON bootloader, it was possible to apply the Root-ROM flash using HBOOT; whereas if you had jumped the gun and applied any of the other HTC 2.1 Test release ROMs (which became known as "Leak-V1", "Leak-V2", or "Leak-V3", and had a 1.49.0000 S-ON bootloader installed as a result of that), then it was impossible to apply the "Root ROM" to the phone using HBOOT.
The newly-discovered methods exploit a different hole in the booting of the main OS, so the bootloader is not touched - a permission bug is exploited so that the recovery partition can be overwritten by any user on the phone (root isn't even needed!). Therefore, the recovery partition can be replaced without flashing the entire phone (just as it was in "the wayback").
So, if you look through those old threads where someone asked "I think I rooted, but I am not sure", other folks in the know would ask "does your bootloader say S-ON or S-OFF?"
But now we can gain privilege on the phone by directly overwriting the recovery partition with a custom recovery, and then booting that (which always has root privilege). You can now get a "rooted" recovery, and then a "rooted" ROM installed afterward onto the phone without ever touching the bootloader.
In practice, nobody has been able to detect any noticeable dependencies of the OS on the version of the bootloader; if you can get a new OS installed onto the phone by hook or by crook, neither the bootloader nor the OS seems to care what the version of the other is.
That's the long explanation for "you don't need to worry too much about it any longer".
Having an S-OFF bootloader provides just a little bit more flexibility for emergency recovery of the phone; on the other hand, flashing the bootloader is the absolute most dangerous flashing operation that happens on the phone. Everything on the phone springs to life via the bootloader - it has to be intact for anything else on the phone to work.
So, I'd say - "don't worry, be happy". And leave your bootloader as it is.