How can it have a system partition which is read only and still make the user create and use its files? How does it differ from Linux in terms of permissions and user management? How are the users kind of “confined” in android?
How can it have a system partition which is read only and still make the user create and use its files? How does it differ from Linux in terms of permissions and user management? How are the users kind of “confined” in android?
Only a part is immutable, but you can alter other files, which are mounted with write permissions. Kind of like NixOS works. Here, this is part of the output if I enter “mount” in termux
/dev/block/dm-7 on /system/lib64/netd_event_listener_interface-V1-cpp.so type ext4 (ro,relatime,seclabel,discard) /dev/block/dm-7 on /system/lib64/oemnetd_aidl_interface-cpp.so type ext4 (ro,relatime,seclabel,discard) /dev/block/dm-7 on /system/lib64/packagemanager_aidl-cpp.so type ext4 (ro,relatime,seclabel,discard) /dev/block/dm-7 on /system/lib64/server_configurable_flags.so type ext4 (ro,relatime,seclabel,discard) /dev/block/dm-7 on /system/lib64/service.incremental.so type ext4 (ro,relatime,seclabel,discard) /dev/block/dm-7 on /system/lib64/shared-file-region-aidl-cpp.so type ext4 (ro,relatime,seclabel,discard) /dev/block/dm-7 on /system/lib64/spatializer-aidl-cpp.so type ext4 (ro,relatime,seclabel,discard) /dev/block/dm-7 on /system/lib64/vendor.qti.hardware.display.config-V5-ndk.so type ext4 (ro,relatime,seclabel,discard) tmpfs on /storage type tmpfs (rw,nosuid,nodev,noexec,relatime,seclabel,mode=755,gid=1000) /dev/fuse on /storage/emulated type fuse (rw,nosuid,nodev,noexec,noatime,lazytime,user_id=0,group_id=0,allow_other) /data/media on /storage/emulated/0/Android/data type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb) /data/media on /storage/emulated/0/Android/obb type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb)Look how the paths are mounted. /data/media has read/write permission, while other mount points not. I could probably mount /bin and /sbin read only and it wouldnt harm my system at all. It would probably only than changed, if I perform some update (Lets say rm has suddenly some critical bug). You can also read about A/B partituons on the Internet. This works a bit complexer under the hood, meaning creating a way to perform updates and so on.