Su | Binaries

: An app (like a titanium backup or a system uninstaller) requests root access. Execution : The app calls the su binary.

| Binary | Source | Key Features | |--------|--------|--------------| | | Magisk (modern) | Systemless root, hide root from detection, module support | | SuperSU | Chainfire (legacy) | Full control, per-app permissions, now outdated | | LineageOS su | LineageOS built-in | Simple root addon (deprecated in newer builds) | | KernelSU | Kernel-based | Root via kernel module, supports GKI kernels | su binaries

Security suites and "Root Checker" apps look for the su binary in specific directories to determine if a device has been modified. Common locations include: /system/bin/su /system/xbin/su /sbin/su /system/sd/xbin/su /data/local/xbin/su /data/local/bin/su 🛡️ The Evolution: SuperSU vs. Magisk : An app (like a titanium backup or

adb push su /data/local/tmp/ adb shell chmod 4755 /data/local/tmp/su hide root from detection