Thanks - so in terms of security, why do we need to treat them differently from an untrusted app? Is it because it is customized for limited services instead of activities? Can we rely on the Android framework to limit its communication?

Thanks,
Tai

On 3/27/14, 3:22 PM, "Stephen Smalley" <[email protected]> wrote:

>On 03/27/2014 03:12 PM, William Roberts wrote:
>> Linux user ids are set aside for apps that have isolated = true in
>> their manifest. It runs it as a separate process with its own UID.
>>
>> I don't have the code in front of me but there is a file in
>> system/core/ I think includes that defines the user id mappings. It's
>> included directly in libselinux/src/android.c
>>
>> Some info for the app side:
>> http://developer.android.com/guide/topics/manifest/service-element.html
>
>Any process with an appid between AID_ISOLATED_START and
>AID_ISOLATED_END is mapped to user=_isolated by libselinux, and then
>seapp_contexts has an entry that maps user=_isolated to
>domain=isolated_app.
>
>As Bill said, this is only for services with an
>android:isolatedProcess="true" attribute. The Chrome sandbox is one
>example.
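The uid-to-domain lookup described in the quoted reply, as an added example that is not part of the thread and is not the libselinux code: it maps a uid to the seapp_contexts user name and then resolves the domain from seapp_contexts-style entries. The numeric AID_* values are assumptions (check android_filesystem_config.h in your tree), the function names are hypothetical, and the `_app` entry is constructed for contrast.

```c
#include <stdio.h>
#include <string.h>

/* Assumed values (not given in the thread); verify against your tree. */
#define AID_APP            10000   /* first uid handed to ordinary apps */
#define AID_ISOLATED_START 99000   /* first uid for isolatedProcess services */
#define AID_ISOLATED_END   99999   /* last uid for isolatedProcess services */
#define AID_USER           100000  /* uid offset per Android user */

/* Constructed sample entries; only the _isolated mapping is stated in the thread. */
static const char *SAMPLE_SEAPP[] = {
    "user=_app domain=untrusted_app type=app_data_file",
    "user=_isolated domain=isolated_app",
};
#define N_SEAPP (sizeof(SAMPLE_SEAPP) / sizeof(SAMPLE_SEAPP[0]))

/* Map a Linux uid to the seapp_contexts user name; NULL below the app range. */
const char *seapp_user_for_uid(unsigned uid)
{
    unsigned appid = uid % AID_USER;            /* strip the multi-user offset */
    if (appid < AID_APP) return NULL;           /* system uids are not modelled here */
    return appid < AID_ISOLATED_START ? "_app" : "_isolated";
}

/* Copy the value of "key=" from a space-separated entry; 1 if found and it fits. */
static int entry_value(const char *entry, const char *key, char *out, size_t outlen)
{
    size_t klen = strlen(key);
    for (const char *p = entry; *p; ) {
        size_t tok = strcspn(p, " ");           /* length of the current token */
        if (tok > klen && p[klen] == '=' && !strncmp(p, key, klen))
            return snprintf(out, outlen, "%.*s", (int)(tok - klen - 1), p + klen + 1) < (int)outlen;
        p += tok + strspn(p + tok, " ");        /* advance to the next token */
    }
    return 0;
}

/* Resolve the SELinux domain for a uid from the sample entries; 1 on success. */
int domain_for_uid(unsigned uid, char *out, size_t outlen)
{
    char user[32];
    const char *want = seapp_user_for_uid(uid);
    for (size_t i = 0; want && i < N_SEAPP; i++)
        if (entry_value(SAMPLE_SEAPP[i], "user", user, sizeof user) && !strcmp(user, want))
            return entry_value(SAMPLE_SEAPP[i], "domain", out, outlen);
    return 0;
}
```

Because the domain is selected from the uid range alone, an isolated service lands in its own domain, whose policy can be written separately from the one for ordinary apps.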
