> However, it is imperfect, since apps within the same profile can still communicate through IPC, so if apps cooperate, network access can still be achieved.

Folks brings up 'IPC' as if this is some chink in the armour in AOSP. It isn't. 'Apps' pretty much on most consumer OSes can 'IPC' their way with other co-operating apps to 'achieve' network access from behind a firewall, just the same.

> since many apps communicate with Play Services and as far as I understand (but I may be mistaken) Play Services does work that involves internet access on behalf of other apps

If the OS or its privileged component will fchown the socket to the origin app, think the INTERNET permission will be enforced as expected.