Hey all. Long-time fan, first-time caller. Interested in discussing your techniques for isolating apps on your device.
To make sure everyone is on the same page, I'll start with our 'knowns' before exploring the 'unknowns'.
Known: Graphene employs the standard Android application sandboxing, providing some level of isolation between apps. Unlike Android, which elevates Play Services as a privileged application, Graphene also places Play within a sandbox.
Known: In general, a 'zero trust' security model is wise. Isolating apps from each other, and ensuring they aren't/can't share data without your explicit consent, protects us from malicious data collection.
Unsure: how best to implement this on Graphene. If the app sandboxes are trusted & absolute, they should provide enough isolation, regardless of whether it's a trusted FOSS app or a Google Play data collection behemoth. If you're a big fan of the tin foil hat, you can assume every app is out to get you, sandboxes are untrusted, and implement a unique User Profile for every single application, thus establishing total isolation. It seems as though most users fall somewhere in the middle, but the bases by which apps are (1) trusted to coexist, (2) quarantined to a separate profile, or (3) semi-trusted to coexist in a quarantined profile are not well defined. Does anyone have a well-defined methodology for cataloging software containers? Or does everyone do it based on 'vibes'?
Bonus point: many users seem to migrate applications away from the Owner profile, thus isolating certain admin privileges from applications. On what basis do you decide this is necessary?