A note for the record: getting root privileges on a jailbroken iOS device (did not pass testing)

2014-08-04 23:37
It is true, the app has to run as root to access non-mobile directories. After discussing this with Optimo and Saurik I finally found the right way to get root privileges.

1. In main.m add setuid(0); and setgid(0);

2. Build the app normally.

3. Then copy and paste the executable inside the .app and rename it to anything you want; don't rename the original file.

4. Open the original executable file and delete its contents (the contents are now stored in the previously copied and renamed binary).

5. Add this bash script to the empty binary file from step 4:

    #!/bin/bash
    dir=$(dirname "$0")
    exec "${dir}"/<COPIED FILE NAME> "$@"

   SpringBoard will run this file first because it's the CFBundleExecutable, then this will launch the actual app's executable. This is done because SpringBoard would fail to directly launch the executable with root permissions.

6. Open terminal and change the directory to the .app (ex. cd /User/Me/Desktop/MyApp.app)

7. chmod the original executable file to 0755 (ex. chmod 0755 MyCFBundleExecutable) and the copied file to 6755 (ex. chmod 6755 CFBundleExecutableRoot)

8. SSH the .app into /Applications on your device, respring and launch it (if it's not launching then repeat step 7, but by SSHing into your device via terminal)
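
An added example, not part of the original post: a shell audit that checks an .app bundle for the layout this procedure produces (a "#!" wrapper script next to a setuid/setgid binary) and reports whether each setuid file is owned by uid 0, since the setuid bit only switches to the UID of the file's owner. The function names and output labels are this example's own assumptions.

```shell
#!/bin/bash
# Added example, not from the original post. Function names and output
# labels are this example's own; point audit_bundle at any .app directory,
# e.g.  audit_bundle /Applications/MyApp.app

# is_root_owned FILE -> exit 0 when FILE's owner is uid 0.
is_root_owned() {
    [ -n "$(find "$1" -maxdepth 0 -user 0)" ]
}

# audit_bundle APP_DIR -> one finding per line on stdout.
audit_bundle() {
    app=$1
    # setuid switches the effective UID to the file's owner, so mode 6755
    # only gives root when the owner is uid 0.
    find "$app" -type f -perm -4000 | while IFS= read -r f; do
        if is_root_owned "$f"; then
            echo "SETUID-ROOT $f"
        else
            echo "SETUID-NONROOT $f"
        fi
    done
    find "$app" -type f -perm -2000 | while IFS= read -r f; do
        echo "SETGID $f"
    done
    # An executable file that starts with "#!" is a script wrapper, not a
    # compiled binary.
    find "$app" -type f -perm -0100 | while IFS= read -r f; do
        if [ "$(head -c 2 "$f")" = "#!" ]; then
            echo "SCRIPT-WRAPPER $f"
        fi
    done
}

# matches_wrapper_pattern APP_DIR -> exit 0 when the bundle holds both a
# script wrapper and a setuid file, the layout the procedure above produces.
matches_wrapper_pattern() {
    out=$(audit_bundle "$1")
    echo "$out" | grep -q '^SETUID-' && echo "$out" | grep -q '^SCRIPT-WRAPPER '
}
```

A SETUID-NONROOT finding means the 6755 binary will run as its owner rather than as root, which is worth checking when the app launches without the expected privileges.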