Signature spoofing support
The regular support (e.g. in divestOS, lineage4microg, or eOS, etc.) implements the signature spoofing support either as restricted or non-restricted / full.
restricted means signature spoofing is enabled solely for system applications (e.g. in eOS). Simplified for everything that exists read-only in /system (or other system partitions) and requests this.
Some developers go a step further and allow only very specific signatures (e.g. in divestOS), so that only very specific applications get this permission.
Non-restricted means that all applications (including user apps) are allowed to use signature spoofing.
All the approaches described above are either not flexible (you set it at build-time and that's it), or you are limited to only very specific applications that the developer has decided in advance.
extendrom not only allows for easy inclusion of signature spoofing support, but also extends the described procedures without limitations and without an either all or nothing mentality (where all may mean what the ROM developer decided in advance).
What distinguishes extendrom signature spoofing from other implementations?
- it integrates seamlessly into the extendrom universe, so you can define individually per build process if you want to add it or not.
- the regular signature spoofing patches (see "Credits") have been minimized and optimized. This allows a much simplified adaptation to ROMs which are not based on Lineage.
- even if signature spoofing is enabled by the developer during the build process, signature spoofing is globally disabled by default, i.e. the user decides if it should be activated or not actually (on/off in developer options).
- any app may request signature spoofing, but it is only actually allowed if
- a) it is globally enabled
- and b) the user explicitly confirms it
- the signature spoofing permission can be manually set or revoked per app at any time
- if the option is globally disabled again in the developer options, granted permissions remain, but have no effect anymore
Please find the technical details here
Enable / Disable signature spoofing support "on-the-fly":
Review assigned signature spoofing permissions -> open "Permission Manager" -> find "Spoof package signature"
When an app requests signature spoofing permission:
Example microG after permission has been granted:
Example for manual granting signature spoofing permission:
Example of Privacy manager (see above) after granting some:
Example of microG when disabling Signature spoofing support in developer options again:
