The setup page for PS says, at least in Google stock OS: "Anyone that connects your device to a computer or installs harmful apps on your device may be able to access your private space". This doesn't occurs with separate profiles, that are not accessible from apps. Seems that PS is less secure than to have separate profiles, no?

    Private Space is for sure the coolest feature in Android 15. I love it!
    It would be so cool to have the ability of having multiple Private Spaces in owner, I hope we will get that one day.

    And I just noticed that I can't install PWAs in PS, that sucks :(

    cdflasdkesalkjfkdfkjsdajfd If you keep it locked, it's as safe as a separate user profile. But you won't be getting notifications. It's another tool, not a replacement.
    And in case something goes spectacularly wrong, like someone starting a screen record on Owner, they could see what you're doing in private space, but at this point, you have other problems.

    As I see it, currently user profiles have the following security related advantages:

    • separate view (I think GrapheneOS mentioned they still investigate this area: accessibility apps, autofill apps, etc.)
    • separate clipboard (for now, but GrapheneOS is working on disable option)
    • ability to lock and still send notifications (with Graphene's forwarding)
    • you can have many of them

    I'll move gov-id app and phone carrier app there, as they don't need notifications, and keep it locked. Maybe separate passwords manager and notes apps, with less used, but extra valuable stuff.

    From time to time GrapheneOS mentions they work on fast user profile switching, I'm still counting on this.

      @GrapheneOS Installing apps in Private Space using Google Playstore grants "Network" permission by default. Is this a bug?

        Upstate1618 Can apps in Private Space know what apps I have in the owner profile, or vice versa?

        Murcielago I can't tell whether apps (including Sandboxed Google Play) in the Owner Profile can see those in the Private Space and vice versa.

        Upstate1618 Also can app in the owner profile see what apps I have in Provate Space?

        They can't. As per https://xcancel.com/GrapheneOS/status/1848750760252620814#m

        Quote:

        Apps can't communicate between the Owner user profile and the nested Private Space other than the clipboard. We could add a setting to control the shared clipboard though.

        Can also use apps to test whether they can see apps in other profiles. I did a non-academic experiment: https://discuss.grapheneos.org/d/15729-how-does-private-spaces-isolation-compare-to-secondary-user-profile/68

        Also keep in mind that GrapheneOS wrote in the first post in this thread that apps in Private Space are regular sandboxed apps.

              daycare-escapee Installing apps in Private Space using Google Playstore grants "Network" permission by default. Is this a bug?

              Could you please share more details and clarify what you mean? Such as whether or not you are explicitly denying them network permission in the Install dialogue?

                  fid02 I kicked off installation of a bunch of apps. While the Playstore was in foreground, I was prompted with the Install dialog. However, once I went to Homescreen and the Playstore was no longer in foreground, I wasn't prompted with the Install dialog anymore for the apps that were still being downloaded. Later those apps were installed in the background with "Network" permission allowed.

                      daycare-escapee

                      daycare-escapee Later those apps were installed in the background with "Network" permission allowed.

                      I noticed the same thing using Aurora Store. No popup asking for network permission when installing apps in background in private space.

                            • [deleted]

                            • Post #66

                            Pixel 6a

                            Private space misbehaves so much that I factory re set my phone and now don't use it any more.

                            I initially enabled private space and loaded in apps, no problem
                            Set a pin, no problem
                            Lock private space, no problem
                            Unlock private space and no apps show in the private space screen, however taping the space launches apps. From now on private space is always blank... including GrapheneOS apps. tried hiding and un-hiding private space to no avail, all the apps including the GrapheneOS apps are not visible but can be tapped and launched, if you can remember where they are. Is this how private space is supposed to operate? I have no idea, but don't think so.
                            I deleted and reinstalled private space no apps visible.
                            I factory reset the phone and tried again.. apps visible in private space until I close it and later open it to reveal no apps visible
                            Now if I use a pass phrase, I cant open Private space, with the correct pass phrase.
                            Given up.
                            Factory reset the phone a 3rd time and wont use private space.

                            Anyone else have this anomaly?

                              Today i noticed another issue with private space. If you open an app directly after unlocking right when the icon gets visible. The app directly closes after opening. This then keeps happening to all apps untill i lock and unlock the Private space.

                              Has anybody else seen this?

                                Can the Google Play Store inside the private space install and update apps outside of it? Like how the Google Play Store on the owner profile can push apps to other profiles and update them, all from that owner profile.

                                I'm guessing the answer is no, but thought it'd be best to make sure.

                                  Is it possible to use a banks wallet app (other than google wallet/pay) in the private space and make one of the banking cards in that wallet the default one? It is possible in owner and user profiles.

                                    tilion_silverbow

                                    Can the Google Play Store inside the private space install and update apps outside of it?

                                    No.

                                    Like how the Google Play Store on the owner profile can push apps to other profiles and update them, all from that owner profile.

                                    That's not true. Sandboxed Google Play is a regular sandboxed app and cannot do things across profiles. It has nothing to do with how it works on the stock OS where Google Play are privileged OS components with privileged permissions to interact and operate across profiles among many other things. That is certainly not the case on GrapheneOS.

                                    Packages installed across multiple profiles are shared and updating them in one will update them across the others. That's not specific to any particular installer.

                                        GrapheneOS does updating apps in Owner profile also update apps in private space or is that only between profiles?

                                            @GrapheneOS Is there any security reason to use different password for private space instead of only screen unlock? It was advised for secondary users.

                                            Is it possible to use Android Auto in the private space?