I confess that I come from the happy world of unix computers, and am used to the concept of user accounts and hence group gid
s and userids uid
s. For the occasional usage of an untrusted app (i.e. whatsapp/facebook) I have created another user profile for many reasons, but mostly because I wanted to reduce any potential access whatsapp/facebook might gain with regards to my main account.
Now the strange thing is that to the best of my understanding the protection mechanism of AOSP, relies on assigning a actually user ids to individual apps, as with those uid
, the apps can be limited using that the underlying linux
kernel provides Unix Discretionary Access Controls (i.e. file accesss dependent on uid
and gid
).
My question is if I am misleading myself that AOSP provides any stronger protection with regards to multi-users (in between the accounts) than it does with regards to the various apps to each other?
No comments:
Post a Comment