I just discovered the Storage Scopes feature (thank you, Graphene team) and it fits exactly what I want to do with my non-FOSS apps that I unfortunately kind of just need.

For the sake of keeping it unrepetitive, ~ means /storage/emulated/0 (or whatever Graphene's user home directory path is).

I created the directory ~/ProprietarySandboxOfDoom which I gave Slack access to only. I assume the point of Storage Scopes is that it should now only be able to find files within that directory, or its internal directory. However, when I select a file to send to someone in Slack, it can send files from any directory under ~ which entirely defeats the purpose of limiting it to that one directory.

Am I missing a step? I force-closed Slack and relaunched it, to see if the restricted storage access needed a relaunch to be applied. But it's still able to send files from any directory.

Any ideas?

    seanld444

    Slack isn't accessing files it's not supposed to. It's using the file picker.

    You can read more about storage here: https://grapheneos.org/usage#storage-access, especially this part:

    Additionally, both modern and legacy Android apps can open the system file picker interface to have the user store or load one or more files/directories on their behalf. This type of access doesn't require any of the permissions listed above. Using this approach gives the user control over where files are stored in their home directory and which files/directories can be used by the app. This is based on the Storage Access Framework (SAF) introduced in Android 4.4. SAF allows the user to grant access to files/directories in their home directory, external drives and also app-based storage providers such as network shares, cloud storage, an encrypted volume, an external drive with a filesystem the OS doesn't support for external drives, etc. This is the only way to use those app-based storage providers and modern Android has removed the legacy approach for accessing external drives.