Running as root

From iPhone Development Wiki

Root is the "admin" user of UNIX-based operating systems. Running as root gives the process mostly complete control.

Most binaries don't need to run as root, but there are a few circumstances where it is required. As of iOS 11, the process to run a binary as root has changed. On devices jailbroken with tools that still use jailbreakd (namely Electra and Chimera), setuid will not work straight away.

Important information

  • Running as root can cause issues. It will cause some things to malfunction, or just stop working altogether. Only use it if you need it.
  • Never call setuid from an injected library (a tweak). You are guaranteed to break something if you try.
  • Running as root will not provide unrestricted access to the filesystem. If you are trying to accomplish this, don't use root. Give your binary the correct entitlements.

Running a binary as root on iOS 11+

These steps must only be followed if the binary is intended to run on a device that still uses jailbreakd (Electra, Chimera).

First, the binary must be platformized with a jailbreakd call; then setuid must be patched with another jailbreakd call. The following code is taken from Electra's wiki and slightly modified:

Keep in mind that the binary should also be signed with the `platform-application` entitlement.