Android 6.0 Marshmallow Root Explained

Google will be officially announcing the Android 6.0 Marshmallow update on September 29th along with the launch of Nexus 5X and Nexus 6P, which will probably be the first devices to run on Marshmallow update.

Android 6.0 is more of an experience update than the one meant to re-define how things look on your device. That was Lollipop’s part. Now with Marshmallow, Google is taking the game ahead with privacy focused features like app permissions management and many more under-the-hood changes that ultimately lead to a better Android experience.

But for us folks, who don’t even let our devices breathe before getting it rooted, Marshmallow update isn’t a pretty picture.

Until now, even on Lollipop, which set the base for non-root friendly Android code with changes to SELinux policy, we were still able to get root without modifying the default SELinux behaviour. But with the Marshmallow update, you can’t do that anymore.

To get root on Marshmallow, you must modify the SELinux policy to permissive mode instead of the default enforcing mode. And you’ve to do this by flashing a custom kernel to your device. This may seem like no big deal, but there’s a reason why Google made the shift stricter SELinux policy.

SELinux set to enforcing means the system has full control over what’s allowed to happen on the device. Things which it doesn’t allow, simply won’t be allowed. This significantly enhances the security on the device.

Switching SELinux to permissive means your device will have SELinux enabled but it’ll allow apps to have access to whatever they want on the device. A device running on permissive mode is not protected by SELinux. The sole purpose of having permissive policies is for logging what happens when SELinux isn’t enabled.

So, it’s pretty serious from a security point of view, if you’re permanently setting SELinux policy to permissive mode. But that’s what we’ll be doing to get root access on Android 6.0 Marshmallow. Pity.

We hope someone finds a way to get root on Marshmallow without changing SELinux policy. Past year, when Lollipop released with the new policy, Chainfire, a renowned developer, was against setting it to permissive mode to get root for security concerns, so he developed a rooting method which didn’t change SELinux policy and yet rooted the device. Unfortunately, his methods don’t work on Android M preview releases and he hasn’t provided a fix yet for the Marshmallow update.

We’ll update this page if Chainfire or someone else comes with a safe way to root Marshmallow update.

If you’ve any comments on this topic, do let us know in the comments section below.

Posted by
Shivam Malani

Shivam is our resident designer and web developer who also enjoys writing. He loves to meditate, drive on the freeways and hunt for snipers during his Call Of Duty playtime. Email: [email protected]


  1. […] is pretty serious from security point-of-view. We’ve explained this in detail in our post on Android 6.0 Marshmallow Root, do give it a […]

  2. […] for Android Marshmallow root, well, it’s as we said earlier. Android 6.0 Marshmallow can’t be rooted by installing SuperSU zip alone, you need a custom […]

  3. […] discussed in length about the security concern of running SELinux in permissive mode in our post Root and Android 6.0 Marshmallow. It’s pretty serious from the security […]

  4. […] Android 6.0 Marshmallow Root Explained […]

Comments are closed.