You can load native libraries that are properly bundled in the APK, ideally using the modern approach with extraction from the APK disabled.
Ideally, decode the media there and stream the frames, etc. to the app in a trivial format. It's quite to do this for images, at least.
Entirely possible for a library designed for use on Android to do this internally without being part of the API. It's unfortunate that it's so underused in the ecosystem. Entirely possible to make a reusable Kotlin/Java library wrapping media libraries in that sandbox internally.
Can define a bunch and then use them only for specific contexts like per-conversation as Chromium does for site isolation. Can essentially use it as a thread pool but respawn them before using them for a different context to keep the different contexts properly isolated.
Great sandbox even without finer-grained seccomp-bpf filter on top like Chromium does. Deals with all details and is portable everywhere.
They run in a highly restricted isolated_app domain with unique, ephemeral uid/gid for each and basic seccomp-bpf like regular app sandbox.
Out of curiosity are the isolated processes also stripped of the default permissions all apps get on Android? Last I checked there was no way to publish an app without network permissions.
There aren't default permissions and the INTERNET permission isn't mandatory. INTERNET is not one of the user-facing runtime permissions though. One of your libraries is probably adding the INTERNET permission through their own manifest. It's not at all a baseline requirement.
Isolated processes don't have permissions or other forms of access control. They don't have access to anything other than communication with the app spawning them via the bound service API. They're sandboxed processes within an app as defined by the app in their manifest.
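As an added illustration of the pattern discussed above (decode media in the sandbox and hand back a trivial result, with the sandbox defined in the manifest), not code from anyone in this thread: the service, message and key names are my own assumptions.

```kotlin
// Assumed AndroidManifest.xml fragment, inside <application>:
//   <application android:extractNativeLibs="false" ...>
//     <service android:name=".IsolatedDecodeService"
//              android:isolatedProcess="true"
//              android:exported="false" />
// With isolatedProcess="true" the service runs in the isolated_app domain under
// its own ephemeral uid/gid, holding no permissions; its only channel is Binder
// IPC back to the app component that bound it.
import android.app.Service
import android.content.Intent
import android.graphics.BitmapFactory
import android.os.Handler
import android.os.IBinder
import android.os.Looper
import android.os.Message
import android.os.Messenger

class IsolatedDecodeService : Service() {
    companion object {
        const val MSG_DECODE = 1   // request: data bundle carries encoded image bytes
        const val MSG_RESULT = 2   // reply: arg1 = width, arg2 = height (-1 on failure)
        const val KEY_BYTES = "bytes"
    }

    // Handles requests on the isolated process's main looper.
    private val handler = Handler(Looper.getMainLooper()) { msg ->
        if (msg.what == MSG_DECODE) {
            val bytes = msg.data.getByteArray(KEY_BYTES) ?: ByteArray(0)
            // Untrusted input is parsed only here: a decoder bug that crashes or is
            // exploited takes down this sandboxed process, not the app itself.
            val opts = BitmapFactory.Options().apply { inJustDecodeBounds = true }
            BitmapFactory.decodeByteArray(bytes, 0, bytes.size, opts)
            // Only two integers cross the trust boundary back to the app.
            val reply = Message.obtain(null, MSG_RESULT, opts.outWidth, opts.outHeight)
            msg.replyTo?.send(reply)
            true
        } else {
            false
        }
    }

    private val messenger = Messenger(handler)

    override fun onBind(intent: Intent): IBinder = messenger.binder
}
```

The app side binds with bindService and sends MSG_DECODE through the returned Messenger with a replyTo Messenger of its own; to isolate distinct contexts, unbind and rebind so the isolated process is respawned before reusing it.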
I know that Android itself doesn't require that apps have the internet permission, but I had a friend get burned by a store policy requiring a privacy statement for apps with file permission and internet permission. Their app had no use for internet, but no way to not have the perm.
I don't understand what you mean. Apps published on the Play Store don't need to have the INTERNET permission. It's also not one of the user-facing runtime permissions. The shared storage access permissions are legacy / deprecated and are largely removed for current API levels.
It was an old story and frustration of a friend, sorry for the confused language, Android isn't my native platform and I guess I took the wrong implications from both his experiences and other inferences.
Thanks for your patience and corrections.
Maybe their frustration was that a library was adding a permission they didn't need or want to have and that was triggering needing to publish a privacy policy. You essentially always need to publish one now regardless of Play Store requirements due to GDPR, etc.
Quite probable, similar to the original origin of this thread, libraries often have surprising "helpful" additions.
And disclosing data use is hopefully better for users, though can provide illusory safety from what the descriptions point you away from thinking of...