updated 04:30 pm EDT, Fri March 16, 2012
CM9 team adds security by changing root default
The CyanogenMod team has just announced a major change to its CyanogenMod 9 custom ROM builds. The first alpha builds on CM9 will no longer allow for default root access over USB. Three patches were released to address this issue, allowing users to disable root altogether, enable it for Android Debug Bridge mode (ADB) only, enable it for apps only or enable it for both.
The changes will ensure users have control and are aware over which apps are using root. Security should therefore be enhanced, and apps that request root access will be spotted and stopped by SuperUser.apk, asking for selective access.
There is nothing the team can do about security as it relates to bootloaders, however, and recovery is much the same way, though it requires physical access to the device.
The team explains its decision to go ahead with the changes as it believes there is no reason to leave the OS unsecured as a default. Root by definition gives full control over a device's OS and can be potentially dangerous for less experienced users.