Technically No, all apps are sandboxed on Android, the sandboxing comes from our compatibility layer enabling what Google believes should be run as system apps, as user ones governed by stricter policies.
Apps however can still communicate by IPC and see what apps are in a given user. Therefore some like myself silo apps dependent on Play Services with Play Services themselves in a secondary user putting it back at rest by Ending Session when used. I do this primarily due to having some, legacy, requirements for my identifiable Google Account.
Sandboxed Play Services can be used anywhere however if you need app access to it's functionality (webauthn being one example) without being signed in. Choice is yours.
MetropleX [GrapheneOS] ⚡🟣
npub1gd…7cn8c
2024-01-10 20:00:15
in reply to nevent1q…z7u5
Author Public Key
npub1gd3h5vg6zhcuy5a46crh32m4gjkx8xugu95wwgj2jqx55sfgxxpst7cn8cPublished at
2024-01-10 20:00:15Event JSON
{
"id": "68a1a599e80d336fa15de194134d034bbc42e329a501d886e218f7062f642c3d",
"pubkey": "43637a311a15f1c253b5d60778ab7544ac639b88e168e7224a900d4a41283183",
"created_at": 1704916815,
"kind": 1,
"tags": [
[
"e",
"55328f03bff6add992373dd10aee586ce9d4ed5691fc5c2526213185aa3048d4",
"",
"root"
],
[
"e",
"bcbc9322a74ed7a70853dbdd2340137660984bccf9b68eb4e63fac42548a9fa5",
"",
"reply"
],
[
"p",
"124b23f2f6755402aa7814b185ccd1066fbf0f9e2b7e563683c783db02455947"
],
[
"p",
"43637a311a15f1c253b5d60778ab7544ac639b88e168e7224a900d4a41283183"
]
],
"content": "Technically No, all apps are sandboxed on Android, the sandboxing comes from our compatibility layer enabling what Google believes should be run as system apps, as user ones governed by stricter policies.\n\nApps however can still communicate by IPC and see what apps are in a given user. Therefore some like myself silo apps dependent on Play Services with Play Services themselves in a secondary user putting it back at rest by Ending Session when used. I do this primarily due to having some, legacy, requirements for my identifiable Google Account.\n\nSandboxed Play Services can be used anywhere however if you need app access to it's functionality (webauthn being one example) without being signed in. Choice is yours.",
"sig": "ea9e79fd538882e05b3f0aa124cbb699f05c9c70fcfdda5581eb3e8ef42c329c9d91b2df7d9233bd3176d58199dcb437b0236642016ee19a8e392ee76e7fd825"
}