Information Technology Reference
In-Depth Information
Application sandbox
In Linux systems, each user is assigned a unique user ID (UID), and users are segregated so
that one user can access the data of another user. However, all applications under a particu-
lar user are run with the same privileges. Similarly in Android, each application runs as a
unique user. In other words, a UID is assigned to each application and is run as a separate
process. This concept ensures an application sandbox at the kernel level. The kernel man-
ages the security restrictions between the applications by making use of existing Linux
concepts, such as UID and GID. If an application attempts to do something malicious, say
to read the data of another application, this is not permitted as the application does not have
the user privileges. Hence, the operating system protects an application from accessing the
data of another application.
Search WWH ::




Custom Search