question regarding to security

feifeipig

Hi all, I am a new user.

I am wondering if it's safe to install unknown app (such as apps from China) on GOS? Is there any way for a bad app to escape android sandbox? Is it much better or no big difference to install in different profile?

Also I heard android allow apps to read list of installed apps on the phone? Is that the same with GOS? Anyway to block this permission?

Thanks!~

[deleted]

feifeipig If you install them into another profile its like installing it on another phone. Its safer because they wont see your installed apps list and you can grant them more permissions without compomising your main profile.

TheGodfather

feifeipig Also I heard android allow apps to read list of installed apps on the phone?

Only apps in the same user profile.

feifeipig Is that the same with GOS?

Yes

feifeipig Anyway to block this permission?

No. Use a different user profile, if you are concerned about it

feifeipig Is there any way for a bad app to escape android sandbox?

Sandbox escapes on Android have been rare, but they happened in the past. But it's usually only a concern with sophisticated malware (e.g. from state-level actors). GrapheneOS's sandbox is stronger than stock Android's, but you still won't have 100% certainty that it will not happen.

feifeipig Is it much better or no big difference to install in different profile?

It is still the same sandbox. Just some access is different (no IPC and no app listing cross-profile).