Hi! What would be the best way to limit play serbices to only selected apps. I still need notifications to work from them, but would like to be sure that google can’t access anything else

  • cmrss2@aussie.zone
    link
    fedilink
    arrow-up
    0
    ·
    5 months ago

    I know in GrapheneOS that the Google Play Services are sandboxed and you can install them in a specific user profile, but I’m not sure if doing that still gives you notifications across those profiles

    Hopefully someone with a little more knowledge of this can help? lol

  • Remy Rose@lemmy.one
    link
    fedilink
    English
    arrow-up
    0
    ·
    5 months ago

    If I’m understanding correctly, this sounds just about exactly how GrapheneOS works by default. All GPlay apps work and have notifications, but are sandboxed.

    • Roopappy@lemmy.ml
      link
      fedilink
      English
      arrow-up
      0
      ·
      5 months ago

      I’m really interested in Graphene and Google privacy, but what does it mean when you say "Sandboxed? Like… I want to use Google Maps, does Google still track me? Maybe only when the app is open, and not when it’s closed?

      • Andromxda 🇺🇦🇵🇸🇹🇼@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        0
        arrow-down
        1
        ·
        5 months ago

        but what does it mean when you say "Sandboxed?

        By default, on a normal Android device, Google Play services are installed as a system application. It means that you can’t remove it, and it can grant itself the permissions it needs. In contrary, regular user apps run in the Android application sandbox. They are installed by the user, have distinct permission controls that are enforced by the operating system and can be uninstalled at any time. Sandboxed Google Play is a compatibility layer created by the GrapheneOS team, which allows you to run Google Play services (which would normally require system privileges) to run as a normal user app in the regular application sandbox.