ΤThe Android ecosystem is used in more than two billion devices every month by both ordinary users and more advanced users. Although the number of people who unlock the bootloader and root their smartphone is very small, there is a percentage that continues to do so. Magisk is a very good tool for this purpose, while with MagiskHide you can continue to use applications and services that otherwise would not be possible, as they recognize the root. A popular anime game, it took advantage of an Android system vulnerability to overcome the Magisk mechanisms that hid the root.
- A game recently showed a vulnerability in the Android system that it used to detect whether a device has been rooted or not. If the device is rooted then the game is not playing.
- The bug that exploited the game, allows an application to read the status of other applications in memory, without any special permissions. However the bug does not allow data interception.
- Google is aware of the problem and has updated its testing tools to ensure that all devices are protected.
A popular game known as Fate / Grand Order recently blocked rooted users from being able to play. The lead developer of Magisk had discovered a way to overcome the root detection mechanisms, however the solution did not work on OnePlus 6, despite his efforts. Determined not to give up, he tried to figure out what made the game detect root on its OnePlus device. Specifically discovered a vulnerability that the game used to detect root on OnePlus devices.
In Unix-based operating systems, there is a special filesystem called "procfs" which contains information about processes, such as memory usage, status (for example, applications are running or idle). On most Unix based operating systems, apps have easy access to procfs to see what other applications are running on the system. Think of it as a Windows Task Manager. Before Android Nougat apps could see what other apps were running on your Android device without the use of special permissions. After Android Nougat, user permission is required.
Google mounts Procfs with the flag "hidepid = 2" so that applications can only see the status of their own processes. This also applies to Google devices, however this is not required on devices from other companies such as LG, OnePlus, Huawei / Honor, Xiaomi. In practice to understand this, this allows an application to detect the presence of Magisk on your device and not allow you to use it.
Which devices are affected:
It is very easy to see if you have a device that leaks information to other applications. You can use an application developed by topjohnwu, while allowing you to fix the problem if your device is rooted.
