leafnose Because of IPC (interprocess communication), it should be considered that one Google app having network permission is all it takes to give somehow network access to all other Google apps (and beyond) in the same profile.

That would require Play Services to have a backdoor-like code (since such activity cannot be considered a bug, it has to specifically work this way) like for example creating a unix domain socket / named pipe, in order to harvest data
from one app to another. Can they theoretically ship a malicious update to make it happen? Yes, but the probability
of it happening is very slim to none. And sending it over the network to their servers without consent is equivalent to malware, which we both know they would not do in this way, when most users happily store their Photos on the
"unlimited" Google Drive anyway.
If switching profiles just to take a picture is your way to feel safer from such scenario, you are welcome.

      For Google Camera I have storage scopes on but I didn't add any files or folders. I wouldn't add the DCIM folder because then it can access anything in those folders created by other apps, like the GrapheneOS camera.

        I thought gos cam is as good as pixel cam.
        Is it?
        So there's no need for pixel camera. Isn't it?

          AlphaElwedritsch
          "As good as" in the sense that the photo quality is good, yes.
          Pixel Camera has a number of features (such as Magic Eraser) that provide additional enhancements to photos, which default camera doesn't have and can't do.

            23Sha-ger

            If switching profiles just to take a picture is your way to feel safer from such scenario, you are welcome.

            I only said to OP what my setup was, and I didn’t really explain that my choice was the result of the scenario you described.
            I think the most convincing reason to have Google Camera in a separate profile is because it’s more foolproof regarding metadata – yes I feel safer that way. It immensely reduces the risk of inadvertently sharing a photo with full metadata (although ExifEraser is installed in the same profile).
            For non-aesthetic photos or for ones for which resolution is not crucial, GOS Camera in all profiles is quite enough.

            With regard to IPC, I said ‘somehow network access’, and my reasoning is quite simple, and is based on what I’ve understood reading through this forum – perhaps I did misunderstand something: there’s no way to know what apps share with each other, it is therefore best to have hermetic apps towards Internet when the trust is low.

            […] in order to harvest data from one app to another.

            It is my understanding that’s exactly what IPC permits, as long as the two apps agree. It is also my understanding that IPC, as is, is already quite powerful, and that you don’t need a backdoor when the front door is wide open.
            I am not saying that Google is massively collecting photos through the Google Play Services (GPS) app, but it is best to keep in my mind that many things are possible, like for instance, GPS informing Google servers each time you open Google Camera or take a shot with it.
            Or for instance, should you save the location (as metadata) in your photos with Google Camera while having another Google app with Internet capabilities running, I would be concerned.

            AlphaElwedritsch
            My experience is that GOS Camera is not on par with Google Camera when it comes to output quality, notably regarding sharpness, resolution, and noise.

                other8026 For Google Camera I have storage scopes on but I didn't add any files or folders.

                How does that work out for you? I thought permitting access to a folder is necessary for it to save photos/videos.

                Where do they get saved in that case?

                    leafnose With the GOS Camera, there are too many what seem to be noise reduction artifacts for my taste.

                    I often see a purplish, static-like effect on the corners of my pictures when I reduce the aperture on the GrapheneOS Camera. Is that it?

                    I also hope CameraX extensions advance enough to add support for adjusting focus manually like with Google Camera. Hope it happens sooner than later.

                        yore the photos get saved to the same place as usual. Turning on storage scopes just makes the app think it can access all of storage, but it storage will appear to be empty except for files the app itself created. Even without storage scopes, Google Camera can still save files to the DCIM/Camera folder.

                        The way android does storage stuff is a little different. You can read through storage access section of the website to see how all that works.

                            When an app asks for access to storage, whether it's all files access or just certain media types, I always just enable storage scopes for that app so it stops asking for access.

                            The only times I can think of where I add a file or folder to storage scopes for an app to access are:

                            • I need to send a file using a messenger app and the app doesn't support using the system file picker
                            • Editing specific photos (I either add the photo file or move the photo to a folder that's added in storage scopes)
                            • For gallery apps, I add regular media folders, like the Pictures, Movies, and DCIM folders.

                              other8026 I wouldn't add the DCIM folder

                              Also

                              other8026 For gallery apps, I add regular media folders, like the Pictures, Movies, and DCIM folders.

                              Cool Schrödinger's cat.

                                    23Sha-ger he said he would only add DCIM access for gallery apps, not to pixel camera or anything else. Not sure what that has to do with Schrödinger's cat? O.o

                                      other8026 Thanks for explaining!

                                      other8026 Even without storage scopes, Google Camera can still save files to the DCIM/Camera folder.

                                      So if I understand this correctly, it won't matter whether or not I enable Storage Scopes as the media will save to the DCIM/Camera folder regardless?

                                      And if I reinstall Google Camera, would I need to grant Storage Scopes and select the folder for the app to see the previous media? Would that mean permitting access to the DCIM/Camera folder?

                                            yore

                                            I often see a purplish, static-like effect on the corners of my pictures when I reduce the aperture on the GrapheneOS Camera. Is that it?

                                            That would be something else.
                                            Do you mean directly reducing the aperture? How do you do that?

                                            yore
                                            To answer your first question: my experience is that you have to enable Storage Scopes, otherwise you’ll always see the prompt asking you to choose the permission and you won’t be able to use the camera app.

                                            • yore replied to this.

                                                  yore So if I understand this correctly, it won't matter whether or not I enable Storage Scopes as the media will save to the DCIM/Camera folder regardless?

                                                  Yes.

                                                  And if I reinstall Google Camera, would I need to grant Storage Scopes and select the folder for the app to see the previous media? Would that mean permitting access to the DCIM/Camera folder?

                                                  Correct, see this from the Storage Scopes section:

                                                  The most significant limitation of Storage Scopes is the fact that the app will lose access to files that it created if it's uninstalled and then installed again, same as any other app that doesn't have a storage access permission. As a workaround, users can manually grant access to these files/directories via SAF picker.

                                                  Can Google Camera change its save location? If yes, you could also consider making a "Google Photos" folder, setting it as the location for images taken, and then adding the folder in Storage Scopes for the Google Camera.

                                                      Dumdum Correct, see this from the Storage Scopes section:

                                                      Would that open up the possibility of Play Services seeing my media?

                                                        Dumdum
                                                        The media won’t save to the DCIM folder because the Camera app won’t be useable.
                                                        For Google Camera to work, the Photos and videos permission has to have something selected, the most conservative choice being Don’t allow (+ Storage Scopes).

                                                          leafnose That would be something else.

                                                          I don't follow what you mean by noise?

                                                          leafnose Do you mean directly reducing the aperture? How do you do that?

                                                          Before capturing the picture, reducing the brightness slider.

                                                                GCam doesnt need any additional play services on GrapheneOS

                                                                • yore replied to this.

                                                                  missing-root I know. But I sometimes enable Play Services for other apps that need it. And from this thread, it seems like Play Services can communicate with Google Camera even if Google Camera is disabled.