Daniel Micay on Twitter: "@spudowiar @sanjayen https://t.co/g5uRoYmuiZ (legacy policy) https://t.co/d70uunJ5di (modern policy) https://t.co/jXp3ew2yCk (modern policy, with per-app SELinux domains)" / Twitter

This Tweet was deleted by the Tweet author. Learn more

Daniel Micay

@DanielMicay

Mar 2, 2019

Replying to

@saleemrash1d

@spudowiar

and

@sanjayen

Also worth noting that pre-Marshmallow only means that apps targeting a pre-Marshmallow set of breaking changes. Apps can implement the vast majority of features from newer OS versions (not inherently breaking ones, like notification channels) without targeting those API levels.

This Tweet was deleted by the Tweet author. Learn more

Replying to

and

They've begun rejecting it for newly submitted apps and updates to existing apps. Apps that aren't updated aren't made unavailable though, and of course it doesn't apply to apps installed from outside of the Play Store.

1

Replying to

and

support.google.com/googleplay/and

1

Replying to

and

There are privacy and security improvements tied to API level increases after 23 too. Most are for protecting apps against exploitation, but some improve the sandbox Note that there are untrusted_app (modern), untrusted_app_25 and untrusted_app_26 SELinux domains.

1

Replying to

and

Apps targeting API level 28 and above are each put into a unique SELinux domain based on untrusted_app, rather than a shared untrusted app domain with reliance on the per-app uid/gid (multi-user already used SELinux MLS in addition to uid/gid being unique per-app-per-user).

1

Replying to

and

android.googlesource.com/platform/syste (legacy policy) android.googlesource.com/platform/syste (modern policy) android.googlesource.com/platform/syste (modern policy, with per-app SELinux domains)

1:54 PM · Mar 2, 2019Twitter Web Client

1

Like

Conversation