Default App Sandboxing

Since first using /e/ long before 1.0 I have come to understand what mobile privacy should and could be. I think advanced privacy was a great step forward. Beforehand i used to mod apk packages one by one to try to disable trackers, only to find the app hardly works. I also used to use tor seperately. The integration with ADVANCED PRIVACY now is wonderful.

What I would like to see now is default sandboxing. I and i’m sure, other veteran /e/ users use: shelter, freeze, or a similar sandboxer to stop/limit prying into highly personal apps. I was thinking maybe /e/ can profile sensitive apps (like QKSMS, Contacts, Call Logs, Calendar, Gallery) automatically on install. If we need to share images outside the profile, a temporary allowance could be made. Then after it reverts to default.

What does everyone think?

Regain your privacy! Adopt /e/ the unGoogled mobile OS and online servicesphone

1 Like

I don’t think you should sandbox basic applications on /e/OS (or even on android in general) because at the kernel level of Android OS, every application is a separate process with unique values of user/group ID, that are given to it during the installation, which runs after the launch in its own “sandbox”.

The shelter/insular case especially allows you to create a workprofile in which to restrict further access or limit the list of contacts registered (plus some other functionality like application freezing, but you don’t necessarily need to be in shelter to do this - SuperFreezZ does it very well for example).

But I’m curious to hear other people’s opinions too :slight_smile:

1 Like