microG: information & safety about SafetyNet/DroidGuard
I'm using microG because I don't want closed binaries running on my Android Device with privileged rights. In this context, I would like to get more information about SafetyNet and DroidGuard, but unfortunately I don't find anything relevant.
If I understood correctly, SafetyNet is a Google API that provides information for the other applications about the state of the device, concerning the security (like bootloader state and so on). In this system, DroidGuard is a closed binary tool that can perform signatures or check in the SafetyNet context.
As indicated in microG, the SafetyNet implementation is open source, but it depends of the DroidGuard binary to perform some operations.
So my question is: is it safe to enable SafetyNet into microG, due to the DroidGuard part? By safe I mean, no risk to see a closed binary doing some thing I don't want? Because, if the service is run as root, it could theoricaly do anything on the device, no?
I'm OK to use closed apps in a microG ROM due to the authorization isolation provided by Android, and I'm also OK to use some Google features. But I'm not OK to have closed binaries running without isolation on the device.