Sandboxing secure?

jerryfog500

I'm aware GrapheneOS allows you to sandbox apps. There's a bunch of random APK games I want to play, would it be secure to play them on my GrapheneOS phone in the sandbox? Will this pose any risks, and would it reduce the performance of my games?

de0u

jerryfog500 Welcome!

Every app on every version of Android is sandboxed. GrapheneOS improves on the base AOSP sandbox.

Running games in a secondary user profile may further reduce various risks.

Phead

jerryfog500 Will this pose any risks [...]?

Yes. Despite having a strong sandbox I would never shrug away security concerns. If you do not trust the developers don't install the app on your daily driver. You mitigate the risk by what de0u mentioned but in my opinion it's healthier to develop a good portion of vigilance towards unknown software and see the sandbox as a safety net - not as your first line of defense.

Relaks

jerryfog500 random APK games

I would avoid placing any trust in random APKs you find on sites such as apkpure or other sketchy sources. If worried about security, Play Store is a more reliable source, even if that means you have to pay for the games (not sure what you mean by random APKs, but I assume you are not referring to the Play Store).

[deleted]

jerryfog500 Your applications must be signed by the respective developers. Check signature keys

Relaks

de0u Running games in a secondary user profile may further reduce various risks.

Would you please elaborate on this? How does installing apps in a secondary profile better prevent a malicious app from escaping the sandbox in which it runs?

de0u

Relaks Apps isolated in one user profile can't do all the things that apps in the same user profile can do, e.g., enumerate installed apps, communicate with other apps via IPC. If a game relies on Google services, and it's in a profile that is suspended, none of that code will be running at all when the profile is suspended.

Here is information about multiple user profiles in GrapheneOS: https://grapheneos.org/features#improved-user-profiles

Relaks

de0u I know. I was thinking more in terms of security risks.

[deleted]

Phead I agree, but its unlikely that a random game will have a zero day pegasus exploit built in. So id say its probably fine. They can operate them with limited permissions ro further reduce any risk.

de0u

Relaks I was thinking more in terms of security risks.

I am not an expert, but I don't believe IPC is devoid of security risks, for example https://securitylab.github.com/research/android-deserialization-vulnerabilities/

Phead

[deleted]

True, it's unlikely. But I find that stance is a dangerous one since it's based on an absolutely arbitrary assumption. Unless you've checked the code (or a third, trustworthy party has) you cannot know if is malicious or not. The question was if it poses any risks and the answer to that is yes.

The point I was trying to make is that at some point you're going to be in deep trouble if you rely solely on sandboxing and discard any kind of vigilance. Even if the app itself is clean sloppy programming, overuse of unnecessary libraries, and adds could lead to vulnerabilities.