@GrapheneOS How does the security of the isolation between different user profiles compare to the isolation of a private space inside a user profile?

    hi,
    I currently have the problem that I cannot reinstall protonvpn in Private Space. It does not install via F-Droid and APK and Aurora Store report package conflicts (although I had temporarily uninstalled the app in the main profile). Is there a way to route the traffic from Private Space through my VPN in the main profile?

    Thanks in advance.

      fxnn It's similar, but they run within the same overall SystemUI and also have a shared clipboard. We can likely easily add a toggle for isolated clipboard but it's still less separate than users due to shared UI. We haven't checked exactly how an accessibility service in Owner interacts with a Private Space, but that's one example of a case where it would be much less isolated.

      It doesn't look like users other than Owner can create Private Spaces. I only use the Owner for app installation and updates and everything else happens in a main user profile. Would it be possible to add Private Space functionality to non-Owner users?

        @randallont The claim on Reddit is unsubstantiated and doesn't make any sense. The described symptoms are a low level hardware failure that's not possible to trigger with software bugs alone. There is no real risk of bricking the phone at a low level using Private Space. It could trigger OS bugs but it's not going to break the hardware, and we haven't seen any indication of any kind of corruption or other issue triggered by it anywhere. News organizations spreading unsubstantiated and unverified claims based on anecdotes on social media are irresponsible spam sites.

        Hawk_Tuah F-Droid incorrectly reuses app ids for their own builds signed with their own keys. You can't install multiple variants of an app with the same app id such as app.organicmaps from the Play Store and app.organicmaps from F-Droid in separate profiles because the OS enforces key pinning across profiles. Each variant of an app SHOULD have a separate app id such as how our Play Store releases of our apps use a suffix (app.grapheneos.camera.play instead of app.grapheneos.camera). You're likely trying to install different variants from what you have elsewhere. The version also has to be equal or greater than what you already have installed. It works the same as a work profile or user profile in this regard.
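The two install rules described in the reply above (one signing key per app id across all profiles, and a version equal to or greater than what is already installed), as a simplified model. This is an added example, not GrapheneOS or Android code; the `Device` class, the profile names, the signer labels and the version numbers are constructed for illustration.

```python
from dataclasses import dataclass, field


@dataclass
class PackageRecord:
    signer: str                 # stands in for the signing certificate digest
    version_code: int
    users: set = field(default_factory=set)


class Device:
    """One package record per app id, shared by every profile on the device."""

    def __init__(self):
        self.packages = {}

    def install(self, user, app_id, signer, version_code):
        rec = self.packages.get(app_id)
        if rec is None:
            self.packages[app_id] = PackageRecord(signer, version_code, {user})
            return "OK"
        if rec.signer != signer:            # key pinning across profiles
            return "INSTALL_FAILED_UPDATE_INCOMPATIBLE"
        if version_code < rec.version_code:  # must be equal or greater
            return "INSTALL_FAILED_VERSION_DOWNGRADE"
        rec.version_code = version_code
        rec.users.add(user)
        return "OK"

    def uninstall(self, user, app_id):
        rec = self.packages.get(app_id)
        if rec is None:
            return
        rec.users.discard(user)
        if not rec.users:                   # pin is released only when no profile has it
            del self.packages[app_id]


def demo():
    d, app = Device(), "app.organicmaps"
    out = [d.install("owner", app, "SIGNER_A", 10)]
    out.append(d.install("private_space", app, "SIGNER_B", 12))  # other variant
    out.append(d.install("private_space", app, "SIGNER_A", 9))   # older version
    out.append(d.install("private_space", app, "SIGNER_A", 10))
    d.uninstall("owner", app)               # still present in private_space
    out.append(d.install("owner", app, "SIGNER_B", 12))
    d.uninstall("private_space", app)       # now gone from every profile
    out.append(d.install("owner", app, "SIGNER_B", 12))
    return out
```

In this model, removing the app from one profile does not release the pinned key while another profile still has it installed; the differently signed variant installs only after the last copy is gone.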

          Hawk_Tuah
          Fortunately it seems to be a rare occurrence similar to the Android 14 storage bug with multi users that only affected some Pixel 6 devices.

            randallont The described symptoms are a hardware failure, not data corruption. GrapheneOS was not impacted by that series of data corruption bugs due to having newer kernel LTS revisions with the patches for them. We've also avoided shipping any serious data corruption regressions impacting any significant number of users in the newer kernel LTS revisions, which is something we're always worried about. The LTS kernel revisions have very poor testing and the f2fs changes scare us. We're cautious about them.

            @GrapheneOS Is it possible to install apps into private space from the personal space as described here:

            https://support.google.com/android/answer/15341885?hl=en

            In “All Apps:”

            1. Touch and hold an app.
            2. Tap Install app in Private space.
            3. To complete the installation, follow instructions on the installer app.
            4. The new instance of the app is installed. The previous instance isn’t copied or modified.

            I wasn't able to find "Install app in Private space". If this isn't possible rn, is there another way to install apps into private space from personal space?

              d0ckR

              If there is no SMS app and possibly no phone app in the private profile, what about apps that ask for phone permission?

              Will those apps still be able to read the SIM card's phone number if phone permission is granted?

                GrapheneOS I had uninstalled protonvpn again, cleared aurorastore and droid-ify cache and memory and tried to install protonvpn in the main profile via aurorastore. Again, it still gives “Conflict with existing package INSTALL_FAILED_UPDATE_INCOMPATIBLE: Existing package ch.protonvpn.android signatures do not match newer version;ignoring”

                Is there a way to delete the old signatures?

                  fxnn All this does on stock is launch the play store in the private space. You still have to install it separately. We removed that button because it was confusing people.

                  Simply install the app stores you want in the private space and install the apps as you would normally.

                    If one were to install Sandboxed Google Play Services inside a private space, would Google Play Services be prevented from IPC communication with apps installed in the same profile but outside of the private space?

                    Also, in that same scenario, would push notifications function for apps inside of the private space?

                    Thanks again to all the GOS developers.

                        I really like the private space and this has led me to change my configuration to something that seems better to me. My main profile is essentially made up of apps from Accrescent with the exception of three apps that come from official GitHub repositories (I'd like all my apps to come from Accrescent) and the private space is for Sandboxed Google Play services where I can put useful apps but which I don't like much either, and that I don't want to see constantly on the main profile. I've created a second system-wide profile just for Android Auto. Yes, this configuration suits me fine!

                        GrapheneOS Thanks, but I was referring to secondary user profiles not work profiles. Are there any real advantages of a user profile over a Private Space?

                          yore I can share with you my use case, I chose a second user profile for GPS with Android Auto rather than private space, only because I don't know whether or not Android Auto could shut down if private space ever locks, imagine yourself driving, you don't want that to happen, but you know what, I'd experiment to get the answer.