alt Hacker NewsIt's nice to be able to toggle it (it's also possible to revoke this permission on GrapheneOS). However, it is imperfect, since apps within the same profile can still communicate through IPC, so if apps cooperate, network access can still be achieved. I would guess that Play Services is one of the larger offenders, since many apps communicate with Play Services and as far as I understand (but I may be mistaken) Play Services does work that involves internet access on behalf of other apps.
You could of course disable network access to Play Services, but at least for me that broke a bunch of apps or made them unreliable.
What AOSP ROMs need besides the network permission toggle is IPC scopes functionality, akin to storage scopes.
> However, it is imperfect, since apps within the same profile can still communicate through IPC, so if apps cooperate, network access can still be achieved.
Folks brings up 'IPC' as if this is some chink in the armour in AOSP. It isn't. 'Apps' pretty much on most consumer OSes can 'IPC' their way with other co-operating apps to 'achieve' network access from behind a firewall, just the same.
> since many apps communicate with Play Services and as far as I understand (but I may be mistaken) Play Services does work that involves internet access on behalf of other apps
If the OS or its privileged component will fchown the socket to the origin app, think the INTERNET permission will be enforced as expected.