[TOOL] SimpleSU v0.7

Search This thread

_n0p_

Senior Member
Apr 9, 2009
2,559
1,832
44
Kyiv
n0p.8bit.fm
So.
As i was slowly preparing DSC v2.0 i met a hard decision: what root tool to include :)
Both Superuser and SuperSU are nice, but quite heavy :)

I decided to take my own way - rewrite su executable itself to suit my vision:

I've aknowledged that i have not modified my root access list for half a year. I don't need and don't want a separate Java process to control root access. I want a simple way to allow root access for application (via whitelist), but block unwanted (i.e. all not in list). Still, it should allow end-user to install either SuperSU or Superuser.
In short - ideal su solution for myself that should also work good for depersonalized custom ROM (with predefined access list), leaving it to end-user to decide which app he will install for superuser access.
And i didn't find a ready solution, so decided to write my own.

Here it is (attached):

SimpleSU
Simplest and lightest superuser solution (with access control)

How it's done:
Same as usual SU for Linux with control access list read from /system/etc/dsc.su_list
dsc.su_list structure is very simple:
One line per android app (case sensitive), windows and unix line breaks should be supported fine.
Current proposed list for DSC 2.0 (and an example):

dsc.SimpleSU.acl
dsc.settings
dsc.uv
dsc.levels
dsc.mugen
jackpal.androidterm
ru.org.amip.ClockSync
eu.chainfire.supersu
eu.chainfire.supersu.pro
com.ryosoftware.adbw
com.googlecode.droidwall.free
com.noshufou.android.su
de.schaeuffelhut.android.openvpn
de.schaeuffelhut.android.openvpn.installer
com.elsdoerfer.android.autostarts
com.speedsoftware.rootexplorer
com.geeksoft.screenshot
com.rerware.android.MyBackupPro
com.ghostsq.commander
ws.plattner.cifsmanager
mobi.pruss.superdim
com.force.timezonefixer
com.bigtincan.android.adfree

Caller process tree is walked till init, if match is found, access is granted.

How to install?
Via adb shell:
Code:
adb push su /system/xbin/
adb shell chmod 6755 /system/xbin/su
adb push dsc.su_list /system/etc
adb shell chown root.root /system/etc/dsc.su_list
adb shell chmod 644 /system/etc/dsc.su_list

Note that you have to manually add entries to white list (/system/etc/dsc.su_list) to grant root access in form of app full Java class name. For example, it's com.keramidas.TitaniumBackup for Titanium Backup.

As pointed by dr911, works in multiuser environment (being a linux binary).

Currenly SimpleSU supports two command formats:

Usual: su -c 'make me a sandwich'. Note that only "-c" works now. Seems to be enough though. Command simply passed to the shell.

Legacy (as seen in Google/Android su source): su username make me a sandwich. Shell is not executed in this case, so no environment variables right now in this format.

Have fun,
Sergei.

Changelog:
02.04.2013: v0.7. ":service" suffix granted root access for already granted app, more logging on reject. (0.6 had only more logging)
27.11.2012: GUI updated - forgot about remounting /system in rw mode. Attached to this post.
21.11.2012: GUI done. http://forum.xda-developers.com/showpost.php?p=34439975&postcount=41
14.11.2012: v0.5. LD_LIBRARY_PATH fixup (taken from ChainsDD), pointed by Rupert Rawnsley. Also some legacy format command-line handling changed. Also, insecure version added (no checks made, asked=granted).
11.11.2012: v0.4. Code cleanup, no longer beta, revised and fixed code with potential string overflows.
09.11.2012: v0.3b. Code changed to allow legacy format command execution.
09.11.2012: v0.2b. Fixed call with multiply parameters. OpenVPN installer works. Dynamic linking, so very small binary. Logging to system log.
07.11.2012: Fixed segmentation fault on reject, added version and build date, removed debug info.
 

Attachments

  • SimpleSUv0.1b.zip
    51.8 KB · Views: 224
  • SimpleSUv0.2b.zip
    3 KB · Views: 63
  • SimpleSUv0.3b.zip
    3.2 KB · Views: 231
  • SimpleSUv0.4.zip
    3.2 KB · Views: 114
  • SimpleSUv0.5.zip
    3.4 KB · Views: 431
  • DSC_SimpleSU_ACL.apk
    29.5 KB · Views: 532
  • SimpleSUv0.7.zip
    3.7 KB · Views: 648
  • SimpleSU.Insecure.v0.7.zip
    2.1 KB · Views: 458
Last edited:

Androidmarketuser

Senior Member
Oct 21, 2010
330
203
Can I avoid these little delays (the appearing popup of SuperSU or Superuser) with this alternative?
And if I have Superuser preinstalled can I delete it and are there other files which belongs to it and can be deleted?
Thank you for sharing your work :)
 

Shree_Jamdar

Senior Member
Oct 5, 2010
251
58
Hi

Have you noticed any improvement in terms of speed etc? Is superuser really that heavy? How much RAM can i get by using this and ditching the superuser app? We can use this in our Galaxy 3 forum !
 

pawan1993

Senior Member
Sep 27, 2010
467
201
Can I avoid these little delays (the appearing popup of SuperSU or Superuser) with this alternative?
And if I have Superuser preinstalled can I delete it and are there other files which belongs to it and can be deleted?
Thank you for sharing your work :)

Delete system/xbin/su and uninstall your superuser app from the system.
 

_n0p_

Senior Member
Apr 9, 2009
2,559
1,832
44
Kyiv
n0p.8bit.fm
Oh. Looks SimpleSU got in news :)

Can I avoid these little delays (the appearing popup of SuperSU or Superuser) with this alternative?
And if I have Superuser preinstalled can I delete it and are there other files which belongs to it and can be deleted?
Thank you for sharing your work :)

You won't experience any delays - but in cost of manually editing the list. And no popups, it's simply a linux binary. After replacing su binary you may uninstall Java part.

Have you noticed any improvement in terms of speed etc? Is superuser really that heavy? How much RAM can i get by using this and ditching the superuser app? We can use this in our Galaxy 3 forum !

I did experience lags when using Superuser and SuperSU. I don't think modern device would benefit from SimpleSU. I expect to free 15-20MB. Good for Streak with 512MB.
I may eventually write a list editor, but most probably won't.

Again, this tool would do as preinstalled SU solution in Custom ROM (though i can't test >2.3 compatibility):
Grant predefined (and included in ROM) apps the superuser rights.
Allow end-user to choose and install he's preffered SU solution right from Play Store.

--
Have fun,
Sergei
 

Androidmarketuser

Senior Member
Oct 21, 2010
330
203
You won't experience any delays - but in cost of manually editing the list. And no popups, it's simply a linux binary. After replacing su binary you may uninstall Java part.

I did experience lags when using Superuser and SuperSU. I don't think modern device would benefit from SimpleSU. I expect to free 15-20MB. Good for Streak with 512MB.
I may eventually write a list editor, but most probably won't.

Again, this tool would do as preinstalled SU solution in Custom ROM (though i can't test >2.3 compatibility):
Grant predefined (and included in ROM) apps the superuser rights.
Allow end-user to choose and install he's preffered SU solution right from Play Store.

--
Have fun,
Sergei

Exactly what I searched, thanks :good:
I will test it on my old Desire with Android 4.1, I can tell you whether it's compatible or not.
 

A_U

Senior Member
Jun 6, 2012
3,330
4,588
Wichita
www.facebook.com
nice tool...very lite. i m using this in extreme barebone roms for my galaxy mini. really nice, but the problem is only some apps r being granted permissions, some denied.
i hope u increase the list of activities. then this is a hit for me :)
good luck.. :)
 

_n0p_

Senior Member
Apr 9, 2009
2,559
1,832
44
Kyiv
n0p.8bit.fm
nice tool...very lite. i m using this in extreme barebone roms for my galaxy mini. really nice, but the problem is only some apps r being granted permissions, some denied.
i hope u increase the list of activities. then this is a hit for me :)
good luck.. :)

Can you provide an example of app you have added to the access list, but it didn't work?
 
  • Like
Reactions: _2bad4u_

Hammerfest

Senior Member
Apr 3, 2008
1,659
279
San Antonio, TX
i looked in the op and still dont understand how to install?? flash the simple SU zip in recovery.. then what???

if you couldnt read/understand the OP, then your probably better off sticking with SuperSU or SuperUser...

Heres my non-developer understanding (potentially flawed):
Its a binary, with manual entry's (IE text editing) of pre-approved apps, it doesnt have a frontend/gui like SuperSU or SuperUser which allow you to graphically chose what to allow and what to deny...



OP: I like it so far, as for your thoughts on a graphical editor, I for one would love to see one, and before I get jumped for saying then whats the difference between the other options, an editor would be short and sweet, open, edit list, close, ram once again free (since that is the concern), instead of having it stay resident in RAM...

On that note, if I may, there are tools like Rays Toolbox and Android Tuner (formerly system tuner), that I would like to put in a feature request for them to add an editor in the app (Android Tuner already has a few editor's, adding a SimpleSU editor would just add to the overall completeness of the toolkit) to edit the list for SimpleSU, with your permission of course!



Thanks again!
 
  • Like
Reactions: Lauicek and _n0p_

Dark Passenger

Senior Member
Apr 18, 2012
1,272
693
Pune
Latest version working on Galaxy fit !!! It really imporves performance on low ram(We got 256mb) devices maybe OP might consider sharing it by moving thread to a more general location on xda rather than on a device forum my thoughts.
 
  • Like
Reactions: _n0p_

Deadly

Senior Member
Jul 19, 2012
10,286
3,899
Bangalore
Latest version working on Galaxy fit !!! It really imporves performance on low ram(We got 256mb) devices maybe OP might consider sharing it by moving thread to a more general location on xda rather than on a device forum my thoughts.
Yes, exactly.. it works on galaxy y duos and galaxy yseries.. its better to move it to android app development section may be? as it will get more support there i feel.. Please do consider op.. And thanks for this cool app.. Its awesome. And i dont think it needs an editor, as we can have editors from many apps .. i have around 4-5 apps which has editors.. surely users who use this app will be bit advanced users..

and i bet all of them will have file editors.. and all file explorer apps comes with editors nowadays.. well , just my thoughts.. but if you can keep the file browser to bare minimum and keep size of apk less.. then i would surely like to see it too :)

i am hoping to use this from now on.. so i will give review for new updates.. have you pushed it to play store? i think you should do that.. many will like this idea!
Thanks again..

As far as i understood we can edit it to add new apk names to give permission.. Because Android_united kinda confused me.. So, asked this again.. i did use it and it did worked.. its just may be he didnt see that?
 
  • Like
Reactions: _n0p_

domcale

Senior Member
May 27, 2012
370
139
Works like a charm! The only problem I had is that I was doing this through Terminal Emulator, and for some reason, when i did all this, superuser perrmisions were not granted for Terminal Emulator. After a little digging i found that i have to add this line
Code:
jackpal.androidterm2
and leave the one that's there by default
Code:
jackpal.androidterm
to the dsc.su_list
Now it works, i have SU for Terminal Emulator, Adfree, and i added SetDNS (Impossible to use Google play on CM7.2 without it :))
 
Last edited:
  • Like
Reactions: _n0p_

TwoPointZero

Senior Member
Apr 15, 2012
64
38
I like the idea of this but be extra careful to only whitelist activities you really use.
I could imagine a malware somehow managing to enter your system and masquerading as one of the prepopulated entries in dsc.su_list, though of course no such vulnerability exists so far.
 

_n0p_

Senior Member
Apr 9, 2009
2,559
1,832
44
Kyiv
n0p.8bit.fm
Thank you for feedback.
--
I cannot publish it on Play Store - it's not an Android app. To publish it, i need to write SimpleSU Installer, or something like that (see below).
--
Regarding editor - it would be nice if someone else would write it :) I really don't expect to have enough free time required.
--
A 0.4 version i consider as stable (revised potentially bad code with possible string overflows) attached to first post.
--
Malware that could act as Java class - i thought of several scenarios, but any requres root access beforehand. And if you install an app - it's your responsibily to be careful.
--
Have fun,
Sergei
 
Last edited:

A_U

Senior Member
Jun 6, 2012
3,330
4,588
Wichita
www.facebook.com
Can you provide an example of app you have added to the access list, but it didn't work?
titanium backup, es-file explorer. i tested wit only these 2. as these 2 weren't gaining root access, so i stopped using this. if u want me to test wit more apps, i can help u out.
will be using this surely once it receives more updates :good:
:good: gud luck..
 

Top Liked Posts

  • There are no posts matching your filters.
  • 46
    So.
    As i was slowly preparing DSC v2.0 i met a hard decision: what root tool to include :)
    Both Superuser and SuperSU are nice, but quite heavy :)

    I decided to take my own way - rewrite su executable itself to suit my vision:

    I've aknowledged that i have not modified my root access list for half a year. I don't need and don't want a separate Java process to control root access. I want a simple way to allow root access for application (via whitelist), but block unwanted (i.e. all not in list). Still, it should allow end-user to install either SuperSU or Superuser.
    In short - ideal su solution for myself that should also work good for depersonalized custom ROM (with predefined access list), leaving it to end-user to decide which app he will install for superuser access.
    And i didn't find a ready solution, so decided to write my own.

    Here it is (attached):

    SimpleSU
    Simplest and lightest superuser solution (with access control)

    How it's done:
    Same as usual SU for Linux with control access list read from /system/etc/dsc.su_list
    dsc.su_list structure is very simple:
    One line per android app (case sensitive), windows and unix line breaks should be supported fine.
    Current proposed list for DSC 2.0 (and an example):

    dsc.SimpleSU.acl
    dsc.settings
    dsc.uv
    dsc.levels
    dsc.mugen
    jackpal.androidterm
    ru.org.amip.ClockSync
    eu.chainfire.supersu
    eu.chainfire.supersu.pro
    com.ryosoftware.adbw
    com.googlecode.droidwall.free
    com.noshufou.android.su
    de.schaeuffelhut.android.openvpn
    de.schaeuffelhut.android.openvpn.installer
    com.elsdoerfer.android.autostarts
    com.speedsoftware.rootexplorer
    com.geeksoft.screenshot
    com.rerware.android.MyBackupPro
    com.ghostsq.commander
    ws.plattner.cifsmanager
    mobi.pruss.superdim
    com.force.timezonefixer
    com.bigtincan.android.adfree

    Caller process tree is walked till init, if match is found, access is granted.

    How to install?
    Via adb shell:
    Code:
    adb push su /system/xbin/
    adb shell chmod 6755 /system/xbin/su
    adb push dsc.su_list /system/etc
    adb shell chown root.root /system/etc/dsc.su_list
    adb shell chmod 644 /system/etc/dsc.su_list

    Note that you have to manually add entries to white list (/system/etc/dsc.su_list) to grant root access in form of app full Java class name. For example, it's com.keramidas.TitaniumBackup for Titanium Backup.

    As pointed by dr911, works in multiuser environment (being a linux binary).

    Currenly SimpleSU supports two command formats:

    Usual: su -c 'make me a sandwich'. Note that only "-c" works now. Seems to be enough though. Command simply passed to the shell.

    Legacy (as seen in Google/Android su source): su username make me a sandwich. Shell is not executed in this case, so no environment variables right now in this format.

    Have fun,
    Sergei.

    Changelog:
    02.04.2013: v0.7. ":service" suffix granted root access for already granted app, more logging on reject. (0.6 had only more logging)
    27.11.2012: GUI updated - forgot about remounting /system in rw mode. Attached to this post.
    21.11.2012: GUI done. http://forum.xda-developers.com/showpost.php?p=34439975&postcount=41
    14.11.2012: v0.5. LD_LIBRARY_PATH fixup (taken from ChainsDD), pointed by Rupert Rawnsley. Also some legacy format command-line handling changed. Also, insecure version added (no checks made, asked=granted).
    11.11.2012: v0.4. Code cleanup, no longer beta, revised and fixed code with potential string overflows.
    09.11.2012: v0.3b. Code changed to allow legacy format command execution.
    09.11.2012: v0.2b. Fixed call with multiply parameters. OpenVPN installer works. Dynamic linking, so very small binary. Logging to system log.
    07.11.2012: Fixed segmentation fault on reject, added version and build date, removed debug info.
    7
    DSC SimpleSU ACL Manager

    DSC SimpleSU ACL Manager

    SimpleSU root rights management (GUI)

    You need to add
    dsc.SimpleSU.acl
    to
    /system/etc/dsc.su_list

    Loads installed packages list.

    White - usual app.
    Red color - app has root.
    Gray - app frozen.
    Yellow - has root but frozen.

    On item long press you can choose:
    Grant root - Grant root rights for application.
    Revoke root - Revoke root rights from application.
    Freeze - Freeze (disable) application.
    Thaw - Reenable application.

    Changes take effect immediatly, don't shoot the leg.

    Revoke will delete this exact app only from dsc.su_list, manual entries will be untouched.

    Back key will fully exit DSC SimpleSU ACL Manager.

    Edit - updated version attached to first post.
    5
    A request:
    If somebody owns Pro/Elite/other commercial Superuser or SuperSU - would you provide it's full Java class name?

    For example, it's

    eu.chainfire.supersu
    com.noshufou.android.su

    for free versions.
    5
    GitHub link

    Just a quick notice:
    Source for binary is available at:

    https://github.com/dsc-team/SimpleSU/

    It's been reported that SimpleSU doesn't work on Android 4.3 - so if you found a solution, share it with community
    3
    Oh. Looks SimpleSU got in news :)

    Can I avoid these little delays (the appearing popup of SuperSU or Superuser) with this alternative?
    And if I have Superuser preinstalled can I delete it and are there other files which belongs to it and can be deleted?
    Thank you for sharing your work :)

    You won't experience any delays - but in cost of manually editing the list. And no popups, it's simply a linux binary. After replacing su binary you may uninstall Java part.

    Have you noticed any improvement in terms of speed etc? Is superuser really that heavy? How much RAM can i get by using this and ditching the superuser app? We can use this in our Galaxy 3 forum !

    I did experience lags when using Superuser and SuperSU. I don't think modern device would benefit from SimpleSU. I expect to free 15-20MB. Good for Streak with 512MB.
    I may eventually write a list editor, but most probably won't.

    Again, this tool would do as preinstalled SU solution in Custom ROM (though i can't test >2.3 compatibility):
    Grant predefined (and included in ROM) apps the superuser rights.
    Allow end-user to choose and install he's preffered SU solution right from Play Store.

    --
    Have fun,
    Sergei
Our Apps
Get our official app!
The best way to access XDA on your phone
Nav Gestures
Add swipe gestures to any Android
One Handed Mode
Eases uses one hand with your phone