Gaining root permissions on iOS for NSFileManager (Jailbreak)

JonasG picture JonasG · Oct 20, 2011 · Viewed 13.4k times · Source

I am trying to write file to the root partition of the device. It is a Jailbreak app so it is installed in /Applications. When writing to the root filesystem using NSFileManager the write fails with a "Permission Denied" error.

It seems like my app is not running as root. It is installed in /Applications though. How can my app become root?

Answer

JonasG picture JonasG · Jan 10, 2012

It is true, the app has to run as root to access non mobile directories. After discussing this with Optimo and Saurik I finally found the right way to get root privileges.

  1. In the main() function add setuid(0); and setgid(0);
  2. Build the app normally.
  3. Create a copy of the executable file in the app bundle.
  4. Open the original executable file and replace its content with this script:

    #!/bin/bash
    dir=$(dirname "$0")
    exec "${dir}"/COPIED_EXECUTABLE_NAME "$@"
    

    Directly launching a root app fails on iOS. Therefore we replace the app's main executable with a script that launches the root executable.

  5. In terminal, navigate to the app bundle.

  6. chmod 0775 the original executable file and chmod 6775 the copied executable file.
  7. Copy the app bundle to /Applications to a device. Restart SpringBoard and you should be good to go. If the app doesn't launch then repeat step 5 & 6 on the device.