> Blocking UID 1000 connections, and blocking QUIC, has not caused any problems for me
By design, the app sandbox isn't applied as strictly on "privileged apps" (like UID 1000). There's nothing NetGuard or any userspace app can do to shore that up. System/privileged apps can bypass most OS-enforced isolation mechanisms at will: https://github.com/celzero/rethink-app/issues/224
This is besides the fact that NetGuard doesn't (yet) support "Block connections without VPN" mode.
6 comments
[ 3.6 ms ] story [ 22.2 ms ] threadAccording to Netguard logs UID 1000 "Dynamic System" appears to try to use the tunnel in an earlier Android version
Blocking UID 1000 connections, and blocking QUIC, has not caused any problems for me
Yet another example of the relative lack of user control, privacy, etc. in corporate mobile OS
Not to mention undesired "side effects" of default use of QUIC
By design, the app sandbox isn't applied as strictly on "privileged apps" (like UID 1000). There's nothing NetGuard or any userspace app can do to shore that up. System/privileged apps can bypass most OS-enforced isolation mechanisms at will: https://github.com/celzero/rethink-app/issues/224
This is besides the fact that NetGuard doesn't (yet) support "Block connections without VPN" mode.