• [deleted]

  • Post #15
  • Edited

WhoTheFuckisAlice

What about apps that are installed via F-Droid? Do they also have their own sandbox?

Every application runs in its own UID (A "User"), and is hence sandboxed directly by the (Linux-based) Kernel.

Are they equal to the system apps?

Nope.

WhoTheFuckisAlice What about apps installed via adb with system permissions?

Only development, runtime and appop permissions can be granted/revoked via Shell (ADB). Please explain what you mean by "system permissions".

Are they equal to the system apps

Nope.

do they run via their own sandbox?

Every application runs in its own UID (A "User"), and is hence sandboxed directly by the (Linux-based) Kernel.

WhoTheFuckisAlice Or is there only this Google Play Service sandbox?

Every application is sandboxed, even System apps. But system apps can have special (signature and privileged) permissions pre-granted by the OS.

WhoTheFuckisAlice but how does GrapheneOS negotiate the different installation options?

I don't understand what you mean.

            [deleted] Please explain what you mean by "system permissions".

            The App "App Manager" is my default installer with wireless debugging option, which is sometimes root equal, or is this ok till I did not deactivate anything :D ?

            [deleted] I don't understand what you mean.

            i have created new profile and installed only the 3 google sandboxing apps, but can not log in in my google account, because the phone is checking info over hours ... is there something special to activate to get work the google sandboxed thing. till here all works fine, so what is now different to before?

                  • [deleted]

                  • Post #19
                  • Edited

                  [deleted] nothing wrong with that if you do it right. But perhaps good luck staying private with Google, sandboxed or not.

                      • [deleted]

                      • Post #20

                      [deleted] It makes all the difference if it's in a sandbox. He has access to absolutely nothing in the phone. He only knows what's inside. On the other hand, using Exodus is a problem because it will know all the applications your phone contains and will only give you a small list of trackers. Fdroid, on the other hand, needs no introduction. Its security problems and consequent lack of privacy are well known and documented.

                          • [deleted]

                          • Post #21

                          I had an Android document on the security model. I don't know where I found it, but I'll try to find it for you.

                          • [deleted]

                          • Post #22

                          The one and only competitor to the play store is the accrescent app, but for the moment there's not much on it. These are the only two solutions that respect the Android security model.

                            • [deleted]

                            • Post #23

                            [deleted] On the other hand, using Exodus is a problem because it will know all the applications your phone contains

                            No.

                            [deleted] Its security problems and consequent lack of privacy are well known and documented.

                            F-Droid definetly has security problems, but I think it doesn't have a "lack of privacy".

                            [deleted] These are the only two solutions that respect the Android security model.

                            'Apps' by GrapheneOS respects the Android security model too.

                                  • [deleted]

                                  • Post #24
                                  • Edited

                                  WhoTheFuckisAlice

                                  The App "App Manager" is my default installer with wireless debugging option, which is sometimes root equal, or is this ok till I did not deactivate anything :D ?

                                  By giving an app access to ADB, You are letting It break the Android security model; For example, the app could grant itself many permissions like: runtime permissions (e.g. Camera, Microphone, Location), development permissions (e.g. Write Secure Settings, Interact Across Users), and appop permissions (e.g. Manage Outgoing Calls, Schedule Exact Alarm).

                                  i have created new profile and installed only the 3 google sandboxing apps, but can not log in in my google account, because the phone is checking info over hours ... is there something special to activate to get work the google sandboxed thing. till here all works fine, so what is now different to before?

                                  I'm afraid I cannot help you on this. You might consider creating a new thread, or using the Search feature to find existing threads about yout issue.

                                      To be fair, at least to my liking, the GOS team has improved the Phone app considerably, particularly by including the awesome Record function. The Contacts app is basic, but still, it is not bad at all (again, just my opinion). Yes, it doesn't have Material Design v3, but it is not uglier than the Simple Apps suite.
                                      The Messages app on the other hand... That is plain terrible, particularly the fact that it throws warning that was built for an older version of Android! Also, no line break? I mean, seriously?
                                      I know AOSP is responsible for maintaining this fossil, I just wish they'd wake up the hell up.

                                        AlanZ Also, no line break? I mean, seriously?

                                        If you are using the stock Messaging client with the stock keyboard and you hit the shift key, sometimes the emoji button will turn into a carriage-return icon (sometimes, but not always 🤔).

                                            de0u
                                            Thanks! At least I can wiggle it to work : )

                                              [deleted] By giving an app access to ADB,

                                              Yes I will reduce this, the App has 5 working methods... i will try without root/adb....

                                              [deleted] I'm afraid I cannot help you on this. You might consider creating a new thread, or using the Search feature to find existing threads about yout issue.

                                              After waiting some time I tried it again and again and for now I am in :D . Connected to my google account installed some Apps, works like a charm, so you will have some more time with me here :D

                                              AlanZ To be fair, at least to my liking, the GOS team has improved the Phone app considerably, particularly by including the awesome Record function. The Contacts app is basic, but still, it is not bad at all (again, just my opinion). Yes, it doesn't have Material Design v3, but it is not uglier than the Simple Apps suite.
                                              The Messages app on the other hand... That is plain terrible, particularly the fact that it throws warning that was built for an older version of Android! Also, no line break? I mean, seriously?
                                              I know AOSP is responsible for maintaining this fossil, I just wish they'd wake up the hell up.

                                              I must change the keyboard, another clock and calender app and i will try the stock app for now in the first time, this feature of contact scope is a very nice thing, phone app does his job. would be great with more settings in call recorder like automated record or so.

                                                    I agree and disagree with some points on both sides of the discussion here, however, it has nothing to do with the topic of the discussion.

                                                    In order for forum threads to remain useful in the long run, and to serve as a valuable resource for people to search in the future, try not to treat them as a "message board" for ephemeral conversations that jump from topic to topic. By keeping threads focused on their topic, you're helping people far into the future to get information that's relevant to their query.

                                                    To be clear, this is not mostly directed at OP, but also at other participants in the thread that started taking the conversation to another place.

                                                    For more "real-time" and "flowing" conversation, we have our Matrix rooms, where that would be more appropriate. Thanks all!

                                                    treequell locked the discussion .

                                                    This Forum isn't a space for bickering, especially not about topics which are irrelevant to the original topic of this thread. You were already warned by another member of the moderation team, yet some of you continued. As a result, I've locked this thread and removed some of the comments.