Multiple user profiles / separation / containerization of users

mpl · January 24, 2023, 11:53am

Hi People,

I am using a Fairphone 4 purchased from Murena with /e/os 1.6-s 2022129238946-stable-FP4 since a month now. So far it has been both a refreshing and a challenging experience - in general I am really happy with it.
I have accumulated many questions and observations. But trying to stay on point with this topic so I will share them across new and existing topics rather than one long read.

This is a question about the creation and use of additional user accounts. For example to separate work and private use.

Prerequisites – I use opensource apps and privacy friendly apps where possible but in the real world I have to use apps like MS Teams, Outlook, WhatsApp etc. Many posts talk about Shelter to organize that. I tried to install Shelter but it will not work - it actually notifies me that it is not install-able for my phone/OS combination.

But what does Shelter do that cannot be accomplished with an additional user account to containerize work and/or privacy unfriendly apps?

Use case example with Whats app:
I’ll create an additional user account, I’ll install WhatsApp + an address book with only limited amount of contacts (so that FB will not have my full list of contacts).

Are user accounts totally separated as far as privacy is concerned? No leakage?
Is it possible for this new user to utilize the second sim in my phone?
Is it possible to effectively tailor Advanced Privacy per user account?

Another use case for example could be, (while waiting for per app location permissions ) to do the Magic Earth navigation from another user which uses real location? As switching users is really fast it would be easy to do.

Anyway, I am looking forward to your insights.

Maarten

Regain your privacy! Adopt /e/ the unGoogled mobile OS and online services phone

tcecyk · January 25, 2023, 4:33pm

the forum by now has a lot of info that gives quite an insight, give it a try. Answers not older than a year should still be current

they’re two users, so the addressbook and app data really are separated
but! - they’re separated in everything but the modem. SIM card usage is global, only the main user can place calls, every user can receive them. Call history will be accessible across user accounts (I go into this partly at Shared call/chat history between multiple users - #2 by tcecyk and SMS apps don't work under Shelter [CLOSED - unrelated to /e/] - #3 by tcecyk)
Advanced Privacy had issues with per-user settings, Advanced Privacy doesn't identify trackers in pro profile (Shelter) (#5648) · Issues · e / Backlog · GitLab - my advice is: use the tracker block in all profiles, but skip hide-my-ip and location-spoof.
on your 4th question, as you rightly noted that you can’t exempt a single App from the location-spoof, you’d need to test if the location-spoof / AP setting is per-user. Quite possibly

on MS Teams, Outlook: there’s also Office365 login.microsoftonline.com DNS_PROBE_FINISHED_NXDOMAIN - you’ll need to exempt the domain from being blocked for it to work. As of now you can’t use a outlook Email within “Mail” (Mail with Outlook/Office365 servera - #9 by tcecyk), you’d need to use the upstream k9mail.

ForumGPT would be great to do some auto-answering now that I come to think of it

mpl · January 25, 2023, 8:15pm

Thank you tcecyk for your rich comments and answers!
Yes there is a lot to be found on the forum already. It didn’t emerge in my initial search however, so I am happy with your feedback.

I’ll try some of your suggestions and links. It is especially important for me to discover and understand current possibilities and limitations of using /e/OS Even more so because for the larger part I will be just a user. A user striving for the best mix of privacy and daily usability.