add support for scoped apps only able to see or interact with system components, not other third party apps (i.e. get some benefits of profiles without using them)

[thestinger]

This isn't necessarily desirable rather than just improving the usability and flexibility of profiles, but is worth thinking about.

[thestinger]

Android 11 has some initial infrastructure for this by disallowing direct / explicit communication and discovery of other apps without having appropriate query entries in the manifest.

[codethief]

That would be a great feature!

Would that also be a good opportunity to address existing deficiencies of using a work profile to isolate apps (i.e. only for security purposes)? E.g.,

• the keyboard (and the dictionary) having to be re-configured for both personal and work profile,
• the password manager (autofill service) only being available in the profile in which it is installed,
• "Open link with app" (app deep links) not working automatically / only if the app is installed in the same profile, or
• links always opening in the browser of the current profile.

Now, all these separation "features" might be a good and sensible decision for some people or in some situations (especially if you do use your work profile for work) but in my case it just adds friction.

[weyounsix]

this is a desirable enhancement, particularly if the scoped apps can behave as if in different user profiles-- i.e. different network, vpn & sensor settings

[thestinger]

No, that's not what the features is about providing. VPN is certainly not going to be per-app.

[thestinger]

Profiles already exist. This issue is not about adding support for profiles.

[CoffeeTime03]

Something similar was discussed here: https://discuss.grapheneos.org/d/1549-more-questions-about-ipc
The summary of the whole thread if that GPS sends advertisements through IPC to other app and there is no way to figure out which apps can communicate with GPS. It would give the advantage of having GMS without having more apps seeing Google Play Services when they shouldn't.
This is not the same as user profiles as everything else including storage will be scoped (which is not desiderable in this contex as it would mean the need of transfering between users and not just changing the storage scope) and one needs to start the session every time the phone boots.
There aren't many other apps that communicate "uselessly" as much as Google Play Services does, but it would be nice to be able to set rules about which apps cannot communicate with which apps like the storage scope feature.

[Nonie689]

Not sure that I can help, but

this project has done this, but it is no longer working...

https://f-droid.org/en/packages/com.merxury.blocker/

I have told on matrix dev channel, and someone have send me this ->

https://twitter.com/GrapheneOS/status/1636042398043086850

[thestinger]

this project has done this, but it is no longer working...

No, they have not done this...

[thestinger]

Replacing with #2197.