0

Our app uses continues integration from Bitrise to build and run automation UI tests. We were required to implement rooted device checks which now are failing the tests and it seems that their emulator is detected as rooted. Anyone had experience with that and know how could this possibly be resolved, is it also true they are using rooted device? Couldn't find information about it in the web. The check we are using is this:

    /** @author Kevin Kowalewski */
public class RootUtil {
    public static boolean isDeviceRooted() {
        return checkRootMethod1() || checkRootMethod2() || checkRootMethod3();
    }

    private static boolean checkRootMethod1() {
        String buildTags = android.os.Build.TAGS;
        return buildTags != null && buildTags.contains("test-keys");
    }

    private static boolean checkRootMethod2() {
        String[] paths = { "/system/app/Superuser.apk", "/sbin/su", "/system/bin/su", "/system/xbin/su", "/data/local/xbin/su", "/data/local/bin/su", "/system/sd/xbin/su",
                "/system/bin/failsafe/su", "/data/local/su", "/su/bin/su"};
        for (String path : paths) {
            if (new File(path).exists()) return true;
        }
        return false;
    }

    private static boolean checkRootMethod3() {
        Process process = null;
        try {
            process = Runtime.getRuntime().exec(new String[] { "/system/xbin/which", "su" });
            BufferedReader in = new BufferedReader(new InputStreamReader(process.getInputStream()));
            if (in.readLine() != null) return true;
            return false;
        } catch (Throwable t) {
            return false;
        } finally {
            if (process != null) process.destroy();
        }
    }
}
Sunay Hashimov
  • 161
  • 3
  • 12
  • 1
    `checkRootMethod1()` is checking to see if the device platform is signed with test keys. Any debug Android version is basically pre-rooted (`adb root` will give you a root ADB shell). That's a bad way to test for a rooted device. Also, just because `su` exists doesn't mean the device is actually rooted. – TheWanderer Feb 04 '19 at 19:47
  • I tried to run the CI without the first method and it was again detected as rooted. Your suggestion is to remove it together with the checks for su? – Sunay Hashimov Feb 04 '19 at 21:22
  • 1
    I don't know what emulator you're using, but it's possible that it is actually rooted, with a bundled su binary. Use a library like libsu or libsuperuser to check for root access and see what happens. – TheWanderer Feb 04 '19 at 21:28

0 Answers0