ls -l /system/bin/su ls -l /system/xbin/su If BusyBox’s su is the only one, you may need to use toybox (modern Android’s default) or a proper root manager like Magisk, which provides its own SUID-safe su . Setting SUID on any binary is serious. A SUID-root BusyBox is dangerous because any bug in ls , cat , or echo could be exploited to gain root access. This is why BusyBox discourages setting SUID on the main binary. Instead, they recommend: "Only individual applets should be SUID, not the entire busybox binary." Some distributions create separate symlinks (e.g., /bin/su → /bin/busybox ) and then set SUID on that symlink. Linux respects SUID on symlinks only in certain configurations – another source of confusion. Summary | Problem | Cause | Solution | |---------|-------|----------| | busybox su must be suid to work properly | BusyBox su is executed without root privileges. | Install a real su binary (util-linux) or properly configure SUID on BusyBox’s su applet. |
Use a dedicated su binary, even a minimal one. Method 3: Install a full-featured su On most full Linux systems, you’d install util-linux which provides a proper su : busybox su must be suid to work properly
# As root chmod u+s /bin/busybox But this makes BusyBox command run as root when executed via the busybox binary – a security nightmare. ls -l /system/bin/su ls -l /system/xbin/su If BusyBox’s
Because it’s a single binary, BusyBox must emulate each command’s behavior internally. This includes su – the "switch user" command. In Linux, every file has permission bits. One special bit is the SUID (Set User ID) bit. When set on an executable file, it causes the program to run with the file owner’s permissions, not the permissions of the user who launched it. This is why BusyBox discourages setting SUID on
If you’ve ever worked with embedded Linux systems, recovery consoles (like ADB on Android), or minimal distributions, you might have encountered the cryptic error message:
