Sandbox, process, and permission
In Linux, a user ID identifies a given user; on Android, a user ID identifies an application. An application is assigned its user ID at installation, and that ID remains unchanged for as long as the application stays on the device. Permissions therefore allow or restrict applications (rather than users) from accessing device resources.
Android uses the sandbox concept to separate applications from one another and to allow or deny each application access to device resources such as files and directories, the network, sensors, and APIs. To do this, Android builds on Linux mechanisms (process-level isolation, per-application user and group IDs, and file permissions) to control the operations an application is able to perform.
Figure 1. Two Android applications, each in its own basic sandbox or process
Android applications run in their own Linux process and are assigned a unique user ID. By default, an application running in a basic sandbox process is granted no permissions, which prevents it from accessing system resources. An Android application can, however, request permissions through its manifest file.
Android applications allow other applications to access their resources in one of two ways:
Declaring the appropriate permissions in the manifest
Running in the same process as other trusted applications in order to share access to their data and code
The latter is shown in Figure 2.
Figure 2. Two Android applications running in the same process
Different applications can run in the same process. To do this, you must first sign the applications with the same private key and then assign them the same Linux user ID in their manifest files, which is done by giving the manifest attribute android:sharedUserId the same value in each application.
Developer Cases
Figure 3 shows several security-related use cases that arise during Android application development.
Figure 3. Security fields when compiling Android applications
Application (or code) signing is the process of generating a private key, a public key, and a public-key certificate, and using them to sign and optimize the application.
Permissions are the Android platform's security mechanism for allowing or restricting an application's access to protected APIs and resources. By default, an Android application is granted no permissions and cannot access protected APIs or resources on the device, which keeps those resources safe. Permissions must be requested explicitly; custom permissions can be defined; files and content providers can be protected; and permissions can be checked, enforced, granted, and revoked at runtime.
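The manifest mechanisms described above (requesting a permission, defining a custom permission, protecting a content provider, and sharing a Linux user ID via android:sharedUserId) are illustrated in the following two manifest fragments. This is an added example written for this page, not code from the original article; the package names, permission name, provider class and authority are constructed placeholders, and the two manifests are shown back to back as separate files.

```xml
<!-- File 1: AndroidManifest.xml of App A (placeholder package com.example.appa) -->
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.appa"
    android:sharedUserId="com.example.shared">
    <!-- android:sharedUserId must carry the same value in both apps, and both APKs
         must be signed with the same private key, or installation is rejected.
         Note: this attribute is deprecated since API level 29. -->

    <!-- Custom permission; protectionLevel="signature" means only apps signed with
         the same key as App A are ever granted it. -->
    <permission
        android:name="com.example.permission.READ_SHARED_DATA"
        android:protectionLevel="signature" />

    <!-- Nothing is granted by default: system permissions must be requested here. -->
    <uses-permission android:name="android.permission.INTERNET" />

    <application android:label="App A">
        <!-- The provider is exported, but the system enforces the custom permission
             on every caller, so unrelated apps cannot read or write its data. -->
        <provider
            android:name=".SharedDataProvider"
            android:authorities="com.example.appa.shared"
            android:exported="true"
            android:permission="com.example.permission.READ_SHARED_DATA" />
    </application>
</manifest>

<!-- File 2: AndroidManifest.xml of App B (placeholder package com.example.appb) -->
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.appb"
    android:sharedUserId="com.example.shared">

    <!-- App B requests App A's custom permission. Because the level is "signature",
         it is granted only if App B is signed with the same key as App A. -->
    <uses-permission android:name="com.example.permission.READ_SHARED_DATA" />

    <application android:label="App B" />
</manifest>
```

Because the two apps share a user ID, each can already read the other's private files and can be configured to run in one process; the signature-level permission additionally closes the provider to every third-party app regardless of what it requests.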
Next, let's take a closer look at each security field.