this post was submitted on 01 Dec 2025
140 points (99.3% liked)

GrapheneOS

854 readers
3 users here now

An unofficial discussion community for anyone interested in GrapheneOS.

Helpful links:

Official Graphene OS Discussion Forum

List of official Matrix channels and other contact sources.

founded 2 years ago
MODERATORS
wxboss@lemmy.sdf.org
140
Little Graphene Phone update. (lemmy.zip)
submitted 5 days ago by mustlane@lemmy.zip to c/graphene_os@lemmy.sdf.org
13 comments fedilink hide all child comments
 

Thought some of you will find it interesting

you are viewing a single comment's thread
view the rest of the comments
[–] turbowafflz@lemmy.world 6 points 5 days ago* (last edited 5 days ago) (8 children)

Does graphene support root access yet? I've been wanting to try graphene but I know in the past that was either discouraged or impossible and unrooted android is way too frustrating to be worth any benefits

[–] mlfh@lemmy.sdf.org 25 points 5 days ago (5 children)

The primary focus and benefit of GrapheneOS is security, and user>root privilege escalation completely undermines that securiy model. The project doesn't and likely never will support root access for that reason.

[–] ReallyActuallyFrankenstein@lemmynsfw.com 7 points 5 days ago* (last edited 5 days ago) (4 children)

I mean, that is saying in effect that the user is a security liability, that rights should be withheld from the user because they can't be trusted. I think that is diametrically opposed to the very principles motivating giving the user control of their phone and privacy.

Sure, lock root behind whatever "I'm an adult and the phone's owner, and know what I'm doing" setup, or sandbox as need, or require a user to properly self-authenticate any key-related operations, but desktop OSes function fine giving users root abilities. The reason device manufacturers lock their phones and prevent root is maintaining a trusted environment adversarially to the user, not that the user's data will be insecure.

[–] mlfh@lemmy.sdf.org 4 points 4 days ago

This isn't about the user being treated as untrustworthy or as less than an adult, it's about the security model GrapheneOS is based on. The team explains it well in this thread: https://discuss.grapheneos.org/d/18953-why-the-stigma-against-rooting

If you want to trade away the benefits of that security model to be able to tinker with things and feel more in control of your phone, you can use something else that lets you do that by default, or patch and build a rootful Graphene yourself. Ironically, the risk there is of giving full control of your phone and privacy to a potential malicious third party anyways, but different threat models may deem that acceptable or low-risk enough.

but desktop OSes function fine giving users root abilities.

Again, threat models. They may function fine for most people, and for most people the risk is low, but the linux desktop world is a security nightmare.

load more comments (3 replies)
load more comments (3 replies)
load more comments (5 replies)