Due to their very nature, custom Android ROMs have root enabled by default. Up until relatively recently, installing custom Android ROMs was a thing geeks did, and as such, this wasn’t much of a problem. However, over the past few days, I’ve found out just how easy installing custom ROMs and modifying them really is (I’m running this one until CyanogenMod 9 is ready for the SII), and it seems like more and more regular users are engaging in the practice as well. Suddenly, having root enabled becomes a security liability.

As such, the CyanogenMod team has decided to disable root by default. Fear not, though, as users can easily enable root for ADB, for applications, or both. This means that any CM user will have to explicitly enable root, and as such, will be explicitly aware of the dangers of running with root enabled.

“Shipping root enabled by default to 1000000+ devices was a gaping hole,” the CM team writes, “With these changes we believe we have reached a compromise that allows enthusiasts to keep using root if they so desire but also provide a good level of security to the majority of users.”

This make perfect sense, and sounds like a very good security decision. This will make devices running CyanogenMod 9 a hell of a lot more secure, and with as many users as CM has, that can only be seen as a good thing. It will most likely ruffle some feathers in certain more hardcore Android crowds, but hey, you can’t please everyone.

I know it’s far-fetched, but somewhere, deep down, I’m hoping this is a sign hardware partners may be interested in the successful custom ROM. Can you imagine being able to order the future Galaxy SIII with CM9 as a built-to-order option? The HTC One X shipping with CM9 instead of HTC’s hideous Sense crap?

Hey, a geek can dream.