"FullArchive" files in Android / data / com.android.vending - Are they safe?

PintOfGuinness

Hello again! A little while back, I posted and asked about files by the name of FullArchive-(many random numbers) automatically downloading and saving to Android > data > com.android.vending > files > dna_data. Forgive me if I am a bit paranoid, but I have a follow-up.

I know that com.android.vending is the package name of the Google Play Store, and I do have Sandboxed Google Play installed.

So ..... Are the FullArchive files safe?

Are there any other users who have Sandboxed Google Play installed, and have noticed these FullArchive files before? If Sandboxed Google Play is installed, is this folder path, and the FullArchive files themselves, to be expected?

Sorry if this is a superfluous question. After having used Stock Samsung Android for so many years, my comparatively short time using GrapheneOS means I'm still learning. Some behaviours, notifications, or in this case, files, make me wonder if I've done something wrong or if something is amiss. E.g.: Samsung devices won't even let you access Android > data out of the box, so a Samsung Android user would have had no idea these files exist, or get downloaded automatically.

[deleted]

What makes you think its unsafe? Google Store is a genuine version so i assume these files are dropped to every user. In android theres no need to worry about some unsafe file, bevause it wont get executed like an exe, or dll by any app, especiall if its in another app's data folder. If the apks you install are safe then you have nothing to worry about.

PintOfGuinness

[deleted] That explanation makes sense, and is greatly appreciated!

[deleted] What makes you think its unsafe?

As I mentioned previously, I'm still, shall we say, adjusting to GrapheneOS after only somewhat recently making the change from Stock Android. So things like getting notifications that I was never pushed before (i.e. FullArchive files downloading), and then realising my device has many of these FullArchive files saved to it, was initially a bit alarming, and thought it was an issue to be concerned about. Though in actuality, it now sounds like this would be occurring with Google Play on Stock Android too, just without the notifications or user file access to com.android.vending (as Google isn't privileged here on GrapheneOS).

[deleted] If the apks you install are safe then you have nothing to worry about.

Indeed true, I only fetch APKs from official repos (such as Proton app APKs directly from their official website). Sandboxed Google Play was installed via GrapheneOS Apps, and anything installed from the Play Store is also only from reputable devs or entities like banks, etc.

[deleted]

Though It is theoritically possible to have such functionality in an app to read and make actions based on a file's contents, but there is no way that other apps are pulling in random files and executing stuff from it or that this functionality is even there to begin with.

[deleted]

PintOfGuinness Do you have a notification from play that a fullarchive is being downloaded? Do you remember the wording they use, ive never heard of this.

PintOfGuinness

[deleted] Yes, there was a notification, though it came from Download Manager (com.android.providers.downloads). Wording was as follows:

FullArchive-lots of random numbers
Download size requires Wi-Fi

Until this notification appeared last week, I too have never heard of or seen this before. There's no mention about anything Google-related; it was only after examining the contents of each folder on my device (via the Files app) that I came across these FullArchive files, all of which are contained within Android > data > com.android.vending > files > dna_data.

For added context, this is in a secondary profile. I happened to be offline when I switched into this secondary profile, which was also when this notification first appeared. I have several secondary profiles with Sandboxed Google Play installed; all of them have the same folder path as above, though not all have FullArchive files there.

[deleted]

PintOfGuinness
Pretty unusual that youd get a notification like that.
They are safe though. From what i read they store download history and such. Source
You can get a general idea of what these files are but Quora is full off misinformation.

PintOfGuinness

[deleted] Agreed, that unusual aspect was what sparked interest in figuring this out. Thanks for retrieving that source.

I also came across several posts on Reddit, though they're quite dated (3+ years); less detail provided there, though some seem to say the FullArchive files can be safely deleted in order to free up device storage.

Wondering if @GrapheneOS @matchboxbananasynergy potentially knows?

matchboxbananasynergy

There's nothing unusual about this as far as I can tell, if the unusual aspect is Download Manager doing this, then, it's not. That's what it's there for. Apps can get it to download stuff.