According to this, every application in Android runs as a separate kernel-level user, with a unique user ID and group ID.
So, what happens under the hood when you add a new user (e.g. to your shared tablet)?
Answer
The Linux user IDs that Android uses to isolate apps from each other are completely unrelated to user profiles on Android 4.2 tablets.
In Android, each app gets its own directory for saving data. The Linux user ID system is used to make sure apps can't read each others' data. But all these data directories are inside one directory on the filesystem, /data/user/0
. Let's say the first user is called Abulurd, and he installs the app Showr. It might be given user ID 1004, and the directory /data/user/0/com.shadowburst.showr
.
Now, let's say you create a new user profile for Beatrice. She gets a fresh directory, /data/user/1
, which starts off empty. When she logs into the device, and installs Showr, it doesn't download the app again (because the Android app installer knows the APK file is already on the device), but it does create a new user ID 1007 (for example), and a new directory /data/user/1/com.shadowburst.showr
.
Android uses Linux filesystem permissions, and the different Linux user IDs, not only to make sure that Abulurd's Showr can't read the data of Abulurd's other apps, but also that Abulurd's Showr can't read the data of Beatrice's Showr. The two instances of Showr run in different processes, with different user IDs.
If you're familiar with Linux terminology, making a new user profile is similar to using chroot
on the device to get an isolated part of the filesystem to run apps in.
What I've described is the usual process, but just as apps can be written to share a data directory with other apps by the same developer (signed with the same key), Android gives apps the opportunity to say they work with multiple users. This way, an app can be written to have one process for all the user profiles, to let them share data or perform some special function. The lock screen has to work this way, for instance, because all user profiles share one lock screen app, which has to read all users' lock-screen settings.
No comments:
Post a Comment