Edit: guys, check comments in this tree below. there is solution to use gapps privately with permissions revoking through shizuku and it actually works, checked myself :D
Seems like it is true information but GServices have another way to bypass permission. Check this comment
There are prerequisites to what that commenter suggests. You have to have the phone rooted and unlocked, and Google allowed all the permissions, something which can be dealt with using the AppOps mechanism (the real AOSP permission system beneath the GUI). It is not possible for any package to do whatever it wants, if the internal app permissions have been neutered. Evidence to the contrary, or real life example capable of being replicated, simply does not exist to date.
How does it crash? I neutered its permissions long before ProtonAOSP/GrapheneOS made “sandboxed play services” concept known to privacy community. SafetyNet apps work ideally for me, and the only data that Google can siphon off of me is the IP address and the CTS attestation keys for GMS certification verification purpose. Normally, GMS takes location, sensor data, storage/installed apps scanning and dozens of other metrics every 7 minutes.
This can be done on any Android, regardless of root or bootloader unlock status, post Nougat 7.0 version. You use Shizuku from F-Droid (requires root or USB debugging via PC), and install from the same developer’s website AppOps. You can manipulate any and all permissions for both main and work profile apps. This is the AppOps core mechanism of AOSP that supersedes the permissions GUI that people normally use.
There is a weaker option via ADB with AppOpsX, but I prefer the superior Shizuku method for additional work profile control.
A little bonus. What I want you to try is with AppOps, you remove the camera permission from your camera app, and then from the normal permission GUI (yes/no buttons), turn on camera permission. Turn on camera app. It will be funny.
Of course, reverse it from AppOps again.
A little note on the GMS part in previous comment – you need to keep internet on for Play Services and Google Services Framework packages, in order for Safetynet apps to work, if you use such apps.
Nothing happened, permission resets itself and in AppOps, the camera just worked fine :)
Yes. I didn’t disable the internet for services, SafetyNet goes through without a problem. Thank you for this information, it is invaluable to me. Now I will be able to use GApps again instead of microG without losing functionality and staying private ❤️
Edit: guys, check comments in this tree below. there is solution to use gapps privately with permissions revoking through shizuku and it actually works, checked myself :D
Seems like it is true information but GServices have another way to bypass permission. Check this comment
There are prerequisites to what that commenter suggests. You have to have the phone rooted and unlocked, and Google allowed all the permissions, something which can be dealt with using the AppOps mechanism (the real AOSP permission system beneath the GUI). It is not possible for any package to do whatever it wants, if the internal app permissions have been neutered. Evidence to the contrary, or real life example capable of being replicated, simply does not exist to date.
The problem is that GServices can’t work without these permissions, they crash. So the phone becomes mostly pointless.
How does it crash? I neutered its permissions long before ProtonAOSP/GrapheneOS made “sandboxed play services” concept known to privacy community. SafetyNet apps work ideally for me, and the only data that Google can siphon off of me is the IP address and the CTS attestation keys for GMS certification verification purpose. Normally, GMS takes location, sensor data, storage/installed apps scanning and dozens of other metrics every 7 minutes.
sorry, what’s the way to do it? manually editing config files? or some app? App Manager from GitHub f.e. can’t do it.
This can be done on any Android, regardless of root or bootloader unlock status, post Nougat 7.0 version. You use Shizuku from F-Droid (requires root or USB debugging via PC), and install from the same developer’s website AppOps. You can manipulate any and all permissions for both main and work profile apps. This is the AppOps core mechanism of AOSP that supersedes the permissions GUI that people normally use.
There is a weaker option via ADB with AppOpsX, but I prefer the superior Shizuku method for additional work profile control.
Thank you so much. i tried it, all permissions were indeed revoked. checked on the camera app - it works. THANK YOU!!!
A little bonus. What I want you to try is with AppOps, you remove the camera permission from your camera app, and then from the normal permission GUI (yes/no buttons), turn on camera permission. Turn on camera app. It will be funny.
Of course, reverse it from AppOps again.
A little note on the GMS part in previous comment – you need to keep internet on for Play Services and Google Services Framework packages, in order for Safetynet apps to work, if you use such apps.
Nothing happened, permission resets itself and in AppOps, the camera just worked fine :)
Yes. I didn’t disable the internet for services, SafetyNet goes through without a problem. Thank you for this information, it is invaluable to me. Now I will be able to use GApps again instead of microG without losing functionality and staying private ❤️
But I’m wondering if gapps doesn’t make any changes to the system itself, maybe it creates new users to bypass broken permissions).