Android's shared userid functionality allows two apps, signed by the same signature, to share the same sandbox.
http://developer.android.com/guide/topics/manifest/manifest-element.html#uid Other apps, as always, would not have access to this sandbox. Within this sandbox, files and data can be shared freely. Does this meet your needs? -- Nick On Thu, Nov 8, 2012 at 8:33 PM, Abhi <[email protected]> wrote: > Hi, > > Actually the concept is to make a separate sandbox where the apps can run > under certain custom restrictions. For example I want two apps to run in a > same container and can share data internally but not with other apps i.e. a > container app which can run several apps that can share data with each > other but not outside the container. > > Any ideas on this? I have seen VMWare doing some similar thing on android. > > Any help would be appreciable. > > > > > On Thursday, November 8, 2012 10:17:13 PM UTC+5:30, nnk wrote: > >> >> Hi Abhi, >> >> Can you clarify exactly what your threat model is? Against what attack is >> your app trying to defend against? >> >> All Android applications run in an Android sandbox. Android sandboxes are >> implemented as separate Linux UIDs. All files / directories created by your >> app are isolated from other apps unless you explicitly share them. Other >> apps cannot access your confidential data absent a compromise of the >> Android security model (for example, rooting). >> >> It's not clear from your brief e-mail below why the default sandbox is >> insufficient to address your attack scenario. >> >> -- Nick >> >> On Thu, Nov 8, 2012 at 6:57 AM, Abhi <[email protected]> wrote: >> >>> Is containerization of android apps possible such that they run under >>> restricted sandboxes? I have seen some discussions over these but I could >>> not actually find any true solution. >>> If its possible then How may we accomplish containerization/sandboxing >>> over apps? Any help would be appreciable >>> >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "Android Security Discussions" group. >>> To view this discussion on the web visit https://groups.google.com/d/** >>> msg/android-security-discuss/-**/ZnP7STMclm4J<https://groups.google.com/d/msg/android-security-discuss/-/ZnP7STMclm4J> >>> . >>> To post to this group, send email to android-secu...@**googlegroups.com. >>> >>> To unsubscribe from this group, send email to android-security-discuss+* >>> *[email protected]. >>> For more options, visit this group at http://groups.google.com/** >>> group/android-security-**discuss?hl=en<http://groups.google.com/group/android-security-discuss?hl=en> >>> . >>> >> >> >> >> -- >> Nick Kralevich | Android Security | [email protected] | 650.214.4037 >> >> -- > You received this message because you are subscribed to the Google Groups > "Android Security Discussions" group. > To view this discussion on the web visit > https://groups.google.com/d/msg/android-security-discuss/-/ifwo2g_uyAYJ. > > To post to this group, send email to > [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/android-security-discuss?hl=en. > -- Nick Kralevich | Android Security | [email protected] | 650.214.4037 -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
