Originally Posted by Mike B.
Since this is unrelated to AdAway I won't go into the details about SElinux ("Security Enhanced Linux") but the short answer is that unless you are overly paranoid there's no good reason to keep an enforcing SElinux. In fact, most good kernels are permissive by default. You should also consider whether you really need Clean Master. Many such "security" and "optimization" tweaks and apps are effectively pointless and tend to cause more headaches than necessary. Make sure to run regular full Nandroid backups and you'll be fine! .
I have to disagree on the SELinux and kernel statement but agree with the Clean Master and other tool statements.
RE SELinux, android 6.0 brought a few security checks into android, selinux, the safetynet checks, etc. Instead of having root kill them chainfire has made supersu not require permissive kernels and instead modify the sepolicy for what is needed for root. In the beta supersu thread you can read from early october on, there is some great conversation figuring out the minimal needed to add to the policies and security contexts. Here is one of his statements
regarding permissive. The idea is we don't want to destroy the security google is trying to bring to the android platform just by rooting. Since editing these policies meant patching the kernel's ramdisk he then took it a step further to have root be possible without modifying system partition at all. This doesn't mean the user can't going ahead and do themselves (they have root), but it does mean that a systemless root will not break the safety check as well, and outside of needing to revert your stock kernel, you could then apply an OTA update. With custom roms this becomes less imp so the latest supersu 2.66 will try to detect if it can even do a systemless root and if not do the normal system root. All of the kernel devs i've seen come into that thread, IE the one for elementalx , etc. all have enforcing kernels. I haven't checked the kernel scene much but i'd guess all can run enforcing now with minimal issues.
Also with the security google is bringing to android, which I am in favor of, having root access doesn't guarantee write access to system. root just mean you can escalate your privileges, nothing more. On the N6 google made the system partition the exact size needed in 6.0.x so there is no permission going to help you there. On my 6p i can't mount /system rw booted into android, only in root recovery shell, etc.
AdAway of course needs to modify a hosts file in /system/etc/hosts and there are ways to do that without ever touching system so we are good regardless.
I just wanted to clarify some of this here but really the beta supersu thread is where all this good conversation is and let's keep in mind these new SuperSu's aren't yet out of WIP thread yet. So we still have to watch and wait where this ends up.