Android Rooting Question

[Kent Borg]

I am trying to understand what it means to "root" and Android phone.  I
see lots of "follow these scary directions" and "then you can do these
wonderful things", but I don't know what it going on.

I understand that Android is Linux with some extra protections:

 - every app has its own UID

 - apps are signed and updates mush have matching signatures

 - lots of interesting things are available for apps to do, but they
require getting permission from the user before installation

 - some interesting things are not possible for obvious reasons, and
others for less obvious reasons

 - the phone owner doesn't have the root password nor login keys to will
get root, etc.

Further, I am guessing that updates to the OS require a signature that
the previous version checks before turning over the shop.  I am
wondering whether there are integrity checks that might notice whether
configurations have changed in ways that were not expected.


I recently bought a Nexus One and I *like* all that security stuff. 
Except, I would like to be able to fire up a bash shell (which I can do)
and successfully do "sudo bash" (which I can't).


Rooting, I fear, opens up my phone to a wild west of anything goes, I
have to trust every app I install to be good.  Is this correct?

What is "rooting" an Android?  How is control wrested from the current
install?


Thanks,

-kb