Can anyone put some light as what's the real/main advantage of introducing Isolatedprocess tag within Services in JellyBean[Android]. Is this advantageous at framework level or at the kernel level,as what we have seen that setting isolatedProcess tag value "true" within the Services assigns a new userId to that service process.
Have you seen Dianne Hackborn's answer on Google Groups? The question is identical and as she points out there is really one known use of that flags at this time: adding a layer of security for executing remote, untrusted code, i.e. JavaScript. There is no way to possibly guarantee that running remote code won't introduce security vulnerabilities, so by isolating the process that parses that code in a permission-less process, it becomes much more difficult for that code to do any real harm.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With