你可以使用isAccessGiven()代替isRootAvailable()。直接从RootTools wiki:

if (RootTools.isAccessGiven()) {
    // your app has been granted root access
}

RootTools.isAccessGiven()不仅检查设备是否已根，它还检查设备是否已根 也为你的应用程序调用su，请求权限，如果返回true 您的应用程序已成功授予根权限。可以使用这个 作为在你的应用程序中的第一个检查，以确保你将被授予 在需要的时候访问。

参考

谷歌播放服务有安全网络认证API，通过它我们可以评估设备，并确定它是否被根/篡改。

请通过我的回答来处理根设备: https://stackoverflow.com/a/58304556/3908895

使用谷歌SafetyNet认证API，您可以轻松检查您的设备是否已根:

Add dependency in build.gradle(:app) implementation 'com.google.android.gms:play-services-safetynet:17.0.0' Get Api key and enable Android Device Verification API using link public static void sendSafetyNetRequest(Activity context) { if(GoogleApiAvailability.getInstance().isGooglePlayServicesAvailable(context, 13000000) == ConnectionResult.SUCCESS) { Log.e(TAG, "The SafetyNet Attestation API is available"); // TODO(developer): Change the nonce generation to include your own, used once value, // ideally from your remote server. String nonceData = "Safety Net Sample: " + System.currentTimeMillis(); ByteArrayOutputStream byteStream = new ByteArrayOutputStream(); Random mRandom = new SecureRandom(); byte[] bytes = new byte[24]; mRandom.nextBytes(bytes); try { byteStream.write(bytes); byteStream.write(nonceData.getBytes()); } catch (IOException e) { e.printStackTrace(); } byte[] nonce = byteStream.toByteArray(); SafetyNetClient client = SafetyNet.getClient(context); Task<SafetyNetApi.AttestationResponse> task = client.attest(nonce, API_KEY_FROM_STEP_2_LINK); task.addOnSuccessListener(context, attestationResponse -> { /* TODO(developer): Forward this result to your server together with the nonce for verification. You can also parse the JwsResult locally to confirm that the API returned a response by checking for an 'error' field first and before retrying the request with an exponential backoff. NOTE: Do NOT rely on a local, client-side only check for security, you must verify the response on a remote server! */ String jwsResult = attestationResponse.getJwsResult(); Log.e(TAG, "Success! SafetyNet result:\n" + jwsResult + "\n"); if (jwsResult == null) { Log.e(TAG, "jwsResult Null"); } final String[] jwtParts = jwsResult.split("\\."); if (jwtParts.length == 3) { String decodedPayload = new String(Base64.decode(jwtParts[1], Base64.DEFAULT)); Log.e(TAG, "decodedPayload : " + decodedPayload); } }); task.addOnFailureListener(context, e -> { // An error occurred while communicating with the service. String mResult = null; if (e instanceof ApiException) { // An error with the Google Play Services API contains some additional details. ApiException apiException = (ApiException) e; Util.showLog(TAG, "Error: " + CommonStatusCodes.getStatusCodeString(apiException.getStatusCode()) + ": " + apiException.getStatusMessage()); } else { // A different, unknown type of error occurred. Log.e(TAG, "ERROR! " + e.getMessage()); } }); } else { Log.e(TAG, "Prompt user to update Google Play services."; } } ` Check your logs for decodedPayload if ctsProfileMatch and basicIntegrity both are false it means your device is rooted . The Attestation API returns a JWS response which looks like:

{"nonce": "6pLrr9zWyl6TNzj+kpbR4LZcfPY3U2FmZXR5IE5ldCBTYW1wbGU6IDE2MTQ2NzkwMTIzNjc="， " timestamms ": 9860437986543， "apkPackageName": "你的包名将显示在这里"，"ctsProfileMatch": true， "apkDigestSha256": ["base64编码，用于签名请求应用程序的证书的SHA-256哈希值"]，"basicIntegrity": true， "evaluationType": "BASIC"}

欲了解更多信息，请查看此链接。

这里列出的许多答案都有内在的问题:

Checking for test-keys is correlated with root access but doesn't necessarily guarantee it "PATH" directories should be derived from the actual "PATH" environment variable instead of being hard coded The existence of the "su" executable doesn't necessarily mean the device has been rooted The "which" executable may or may not be installed, and you should let the system resolve its path if possible Just because the SuperUser app is installed on the device does not mean the device has root access yet

Stericson的RootTools库似乎可以更合理地检查root。它还有很多额外的工具和实用程序，所以我强烈推荐它。然而，并没有解释它是如何专门检查根目录的，而且它可能比大多数应用程序真正需要的要重一些。

我已经创建了几个基于RootTools库的实用程序方法。如果你只是想检查“su”可执行文件是否在设备上，你可以使用以下方法:

public static boolean isRootAvailable(){
    for(String pathDir : System.getenv("PATH").split(":")){
        if(new File(pathDir, "su").exists()) {
            return true;
        }
    }
    return false;
}

这个方法简单地遍历“PATH”环境变量中列出的目录，并检查其中是否存在“su”文件。

为了真正检查root访问权限，必须实际运行“su”命令。如果安装了一个像SuperUser这样的应用程序，那么在这一点上它可能会要求root访问，或者如果它已经被授予/拒绝，吐司可能会显示是否授予/拒绝访问。一个很好的命令是“id”，这样您可以验证用户id实际上是0(根)。

下面是一个示例方法来确定是否授予了根访问权:

public static boolean isRootGiven(){
    if (isRootAvailable()) {
        Process process = null;
        try {
            process = Runtime.getRuntime().exec(new String[]{"su", "-c", "id"});
            BufferedReader in = new BufferedReader(new InputStreamReader(process.getInputStream()));
            String output = in.readLine();
            if (output != null && output.toLowerCase().contains("uid=0"))
                return true;
        } catch (Exception e) {
            e.printStackTrace();
        } finally {
            if (process != null)
                process.destroy();
        }
    }

    return false;
}

实际测试运行"su"命令是很重要的，因为一些模拟器已经预安装了"su"可执行文件，但只允许某些用户像adb shell一样访问它。

在尝试运行“su”可执行文件之前检查它的存在也是很重要的，因为android已经知道不会正确地处理试图运行缺失命令的进程。随着时间的推移，这些幽灵进程会消耗大量内存。

在2021年最后一个季度的今天，我试图使用SafetyNet来回答@HimanshiThakur的答案。但我有个问题，在这里提出了一个问题。还是没有回答。

所以我决定使用RootBeer。它工作得很好，但当Magisk隐藏根时，它就不起作用了。

如果你不在乎这种情况(许多银行应用程序也不能解决这个问题)，你可以使用以下步骤:

添加到Gradle:

implementation 'com.scottyab:rootbeer-lib:0.1.0'

用这些句子:

RootBeer rootBeer = new RootBeer(context);
if (rootBeer.isRooted()) {
    //we found indication of root
} else {
    //we didn't find indication of root
}

下面是一个类，它将以三种方式之一检查Root。

/** @author Kevin Kowalewski */
public class RootUtil {
    public static boolean isDeviceRooted() {
        return checkRootMethod1() || checkRootMethod2() || checkRootMethod3();
    }

    private static boolean checkRootMethod1() {
        String buildTags = android.os.Build.TAGS;
        return buildTags != null && buildTags.contains("test-keys");
    }

    private static boolean checkRootMethod2() {
        String[] paths = { "/system/app/Superuser.apk", "/sbin/su", "/system/bin/su", "/system/xbin/su", "/data/local/xbin/su", "/data/local/bin/su", "/system/sd/xbin/su",
                "/system/bin/failsafe/su", "/data/local/su", "/su/bin/su"};
        for (String path : paths) {
            if (new File(path).exists()) return true;
        }
        return false;
    }

    private static boolean checkRootMethod3() {
        Process process = null;
        try {
            process = Runtime.getRuntime().exec(new String[] { "/system/xbin/which", "su" });
            BufferedReader in = new BufferedReader(new InputStreamReader(process.getInputStream()));
            if (in.readLine() != null) return true;
            return false;
        } catch (Throwable t) {
            return false;
        } finally {
            if (process != null) process.destroy();
        }
    }
}