That's not always true. Most ROMS update by first downloading, then flashing the entire rom with the new version. And most OTA updates kill your root if you have it because they reset the entire system partition back to factory state, not just the updated part.
CyanogenMod OTA updates preserve root... because the OTA image contains root access and SuperSU.
So what OTA updates do you mean? If you mean stock Android updates removing root access...then that is exactly the expected behavior. Root is considered a security hazard and not supported by ASOP. As it should be.
I find it hilarious when people who use ROMs complain about how hard it is to modify the OS then complain about lack of security updates in the same thread. Bootloader locks and read-only filesystems are there for a very good reason.
Who's complaining? Cyanogenmod absolutely does a full rom flash, you can look at the download... it's the full shebang. Other stock roms might just unzip overtop the system partition, which would "update" anything that it overwrites. They usually kill root because they reset the system partition back to stock as for a normal user is should be unmodified (yes for security reasons, but also because that's how they want it to be).
perhaps we're talking past each other... because you seemed to miss my point... phones don't update single packages as updates are available like a typical linux distro would.
Lots of ROM people complained when Android locked down bootloaders and when SELinux went into enforcing mode, making /system read-only, etc, etc. Google is attempting to help protect users from bootkits/rootkits which has a side-effect of making modding harder.
See my other comment, Android's OTA system is fully capable of updating single components. The downloads can be patch releases and not full images. Google actually recommends that vendors do this, over pushing full ROMs.
Vendors often don't do it because they are lazy or for logistical reasons. But it doesn't mean they can't.
That's a device/vendor choice, not Android as a whole.
> and when SELinux went into enforcing mode
On my stock rom it was in Permissive mode, as it is now on Cyanogenmod.
> Google is attempting to help protect users from bootkits/rootkits which has a side-effect of making modding harder
This is generally not Google's doing, it's the device manufacturers/carriers. And it's not always in the name of end-user security... which far too often abandon any updates on 1 year old devices.
> See my other comment, Android's OTA system is fully capable of updating single components
But it's not really. It's just downloading a zip file and extracting it. There is not 'apt-get' or 'yum update' functionality built into Android, and there probably can't be due to how custom every rom (even stock from the manufacturer/carrier) is. I would love it if my phone could do a "yum update" like thing and just yank down individual components as soon as they are available... but that's not reality unfortunately. When users do get updates, it's usually months after they were discovered to be at risk for some exploit due to carrier bureaucracy.
> Google actually recommends that vendors do this, over pushing full ROMs.
Mostly in the name of saving bandwidth for data capped users.
> Vendors often don't do it because they are lazy or for logistical reasons. But it doesn't mean they can't.
