I confess that I come from the happy world of unix computers, and am used to the concept of user accounts and hence group gids and userids uids. For the occasional usage of an untrusted app (i.e. whatsapp/facebook) I have created another user profile for many reasons, but mostly because I wanted to reduce any potential access whatsapp/facebook might gain with regards to my main account.
Now the strange thing is that to the best of my understanding the protection mechanism of AOSP, relies on assigning a actually user ids to individual apps, as with those uid, the apps can be limited using that the underlying linux kernel provides Unix Discretionary Access Controls (i.e. file accesss dependent on uid and gid).
My question is if I am misleading myself that AOSP provides any stronger protection with regards to multi-users (in between the accounts) than it does with regards to the various apps to each other?
No comments:
Post a Comment