I am new to android app development and while reading from google's android documentation I came across android sandbox. Explanation to this term is not clearly given there so I tried searching the internet but couldn't find anything satisfying. I know that it is something related to security provided by linux kernel in android. Can anyone please explain me clearly what is sandbox and how it works as it seems to be quite an important topic .
Asked
Active
Viewed 1.5k times
10
-
Please read about the sandbox concept in general. Android is not the only one using it. https://en.wikipedia.org/wiki/Sandbox_%28computer_security%29 – André Schild Jul 21 '15 at 06:20
-
I tried searching but couldn't find anything satisfying explanatory as I said . – Shivam Aggarwal Jul 21 '15 at 06:51
3 Answers
13
Android applications run on a VM (Virtual Machine), and are completely isolated one from another due to the permissions Android gives each app. Basically each application on android is a separate user, and they have their own space on the "disk". That means Applications cannot access each other's space, Cannot uninstall or mess with each others data.
Only one user has access to OS and all applications, it's the root. So when people "root" their phone, they basically get root permissions, and can mess with every application including system services and libraries. But that's off topic
Michael P
- 2,017
- 3
- 25
- 33
-
Thanks for your answer but where does sandbox come in here bro. – Shivam Aggarwal Jul 21 '15 at 06:48
-
The Sandbox is the idea that your application is isolated, and restricted. That's what a Sandbox eventually means. As you can see the link André Schild posted. en.wikipedia.org/wiki/Sandbox_%28computer_security%29 It's a general term, and is more of an idea than a precisely defined technical term, as the restrictions applied to the app are implementation specific. For example your javascript code on the browser runs as a Sandbox as well, but is very different from the Sandbox in which an Android app runs. In that case different restrictions applied but the idea is the same. – Michael P Jul 21 '15 at 17:02
-
thanks for the explanation @MichaelP , just wanted to check isn't it similar to linux cgroups? where each process has its own address space and file descriptors.. – lazarus Aug 22 '18 at 09:45
-
Actually I am not sure. As far as I remember and please don't quote me on that. It's as simple as, each app is a separate user, and so each user has permissions to write/read/modify only its own space, and control its own app. And that's where the "root" comes from, So if you gain root permissions to your phone you essentially have root level privileges and can do whatever. (so rooting the phone would be gaining root access) and Android system services have root level. But again, I am not 100% should how Android is enforcing it – Michael P Aug 22 '18 at 22:03
-
So would this protect the system from a relatively hostile application? Or, does this primarily protect the application from others (as is implied but not clearly stated in other answers)? My daughters use TikTok and I want to be able to follow them, but I don't trust The CCP/ByteDance. – Bruno Bronosky Aug 26 '21 at 14:36
2
The security of the Android operating system is based on the following key security features of the Linux kernel:
1-Process Isolation
2-User-Based Permission Model
3-Inter-Process Communication (IPC)
Sandboxing Android platform uses the Linux user-based permissions model to isolate application resources. This process in called application sandbox.
The aim of sandboxing is to prevent malicious external programs from interacting with the protected app.
You can Find more Details Here
Islam Alshnawey
- 692
- 10
- 15
1
First of all, you have to know what is a sandbox -
Sandbox - A sandbox is an isolated testing environment that enables users to run programs or execute files without affecting the application, system, or platform on which they run. To get a detailed view, you can have a look in here
Android Application Sandbox - Developers that don't want an application to be touched by outside influences. The Android Application Sandbox, which isolates your app data and code execution from other apps that's why applications can't modify data of each other in a device.
Gk Mohammad Emon
- 6,084
- 3
- 42
- 42