Friday, 16 October 2015

[ROOT] Gaining write access on system partition



The latest update to .368 restricts access to /system; in particular, 'mount -o remount,rw /system' no longer gives write access.

With the SuperSU 'supolicy' tool and a current busybox there is an easy way around the protection:


Code:


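# Add allow rules to the live SELinux policy for the init_shell and kernel domains
/system/xbin/supolicy --live \
  "allow init_shell unlabeled file {execute execute_no_trans}"\
  "allow  {init_shell kernel} {device unlabeled mmc_block_device} blk_file {getattr read write open ioctl}"\
  "allow init_shell kernel process setsched"\
  "allow init_shell {rootfs labeledfs} filesystem {mount umount remount}"

# Create a loop device node (block device, major 7, minor 2)
mknod /dev/loop2 b 7 2
# Attach it to the whole internal memory, starting at the byte offset of the system partition
losetup /dev/loop2 /dev/block/mmcblk0 -o 96468992
# Mount the loop device on /system
mount -t ext4 /dev/loop2 /system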


The number in the losetup command is the byte offset of the system partition within the internal memory. (The expert mode of fdisk displays this position in blocks; bytes = blocks * 512.)

This works because we do not use the device corresponding to the system partition but construct an equivalent device.
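
A check for the state these commands leave behind, as an added example that is not part of the original post: it reads /proc/mounts-style text and flags every mount on /system that comes from a loop device or is mounted read-write. The function names and the sample mount lines (including the partition name mmcblk0p23) are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post.
# Reads /proc/mounts-style text on stdin and reports every mount on the given
# mount point (default /system) that is loop-backed or mounted read-write.
# Exit status: 0 = nothing flagged, 1 = at least one finding.
check_system_mounts() {
    target="${1:-/system}"
    findings=0
    # /proc/mounts fields: source, mount point, fs type, options, dump, pass
    while read -r src mnt fstype opts rest; do
        # A mount stacked on top of /system appears as an additional line,
        # so every line for the target is inspected, not just the first.
        [ "$mnt" = "$target" ] || continue
        case "$src" in
            /dev/loop*|/dev/block/loop*)
                echo "LOOP-BACKED $mnt <- $src ($fstype)"
                findings=$((findings + 1)) ;;
        esac
        case ",$opts," in
            *,rw,*)
                echo "READ-WRITE $mnt <- $src ($opts)"
                findings=$((findings + 1)) ;;
        esac
    done
    [ "$findings" -eq 0 ]
}

# Constructed sample: the stock read-only mount plus a loop mount stacked on it.
sample_mounts() {
cat <<'EOF'
rootfs / rootfs ro,seclabel,relatime 0 0
/dev/block/mmcblk0p23 /system ext4 ro,seclabel,relatime 0 0
/dev/loop2 /system ext4 rw,seclabel,relatime,data=ordered 0 0
EOF
}

sample_mounts | check_system_mounts /system || echo "findings reported above"
# On a device: check_system_mounts /system < /proc/mounts
```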


