-
Notifications
You must be signed in to change notification settings - Fork 12.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feature Request: biometric prompt to open Magisk app #4899
Comments
Yep, SuperSU used to have this, and I continue to miss it. 👍 |
Old @topjohnwu opinion
|
I mean that quote doesn't totally make sense in this context. A launcher "protecting" apps with a biometric prompt is easily circumventable by launching the app directly from Android Settings > Apps, yes, but a sensitive app itself keeping itself protected by a biometric prompt is obviously an improvement over one which does not, and is not easily circumventable, why else would Magisk use biometrics for granting root to apps? |
Completely agree |
Agree and disagree. App level locking can add layer of security, but yes it is not to be relied on solely, even when it's an included system component like in OxygenOS. It does have its place, particularly if the settings / launcher / install intents are protected as part of it. It's definitely not a hacker proof method, but it doesn't need to be if you also have device-level security enabled. It is mostly useful as a barrier to casual user who might be borrowing your phone. But all that is outside the scope of this request. The root manager app itself is a special case and is a critical system-level component that should allow a required authentication prompt, similar to how you have to do when you enter the security settings in Android even if your screen/device is already unlocked. |
When you grant root access to the file manager, all defenses are lost. |
Then use biometric auth for all root requests. With that also asking for biometric when opening Magisk starts making sense. |
Not necessarily just biometric, but whatever kind of security is enabled on the device. Any time that device security is enabled, Magisk should have security request defaulted to ON, this way clearing the application data won't provide a means of bypassing the request. Note that Android security itself is protected in this manner. If you have lockscreen security enabled, then in order to alter lockscreen security settings, you need to authenticate. @vvb2060 : Who would be stupid enough to provide permanent root access to a file manager? |
It's useful when we want to prevent other apps from surreptitiously getting root access, not users |
Yes,I think it is nessary to add it. |
Magisk now does have a biometric authentication, but it would be useful when using a root shell (e.g. using |
i have enabled it but it will be nice if it does this for every request |
You can use the application encryption in your Android system to achieve this function. |
@damengmeng2279 This is not available on every version of android. Notably LineageOS does not have this feature. |
Request: provide an option to extend the biometric prompt to opening the Magisk app itself. This is to add a small extra layer of protection when an unlocked phone is handed to somebody else.
The text was updated successfully, but these errors were encountered: