this post was submitted on 11 Sep 2025
55 points (98.2% liked)
Privacy
2475 readers
382 users here now
Icon base by Lorc under CC BY 3.0 with modifications to add a gradient
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I've been thinking about this for a while. I have Pixel 7, so GrapheneOS is an easy choice. But I have a few paid subscription apps via Play Store, and I don't want to get rid of them... Maybe I could ditch some, but not all.
Graphene supports running GMS in a sandbox like any normal app. That's what I do as there are too many apps in the play store I need
I probably don't know enough about sandboxing in GrapheneOS. So if you do that, you still have to log in with Google account, but Google will be able to only see what you are doing with play store apps? And the rest of data like sensors, file system, other apps, will not be visible to Play Services?
Not quite. The Play store will be its own application. Which you can apply permissions to. Any application in the same space can still talk to the Play store. That's just inner process communication. So if any app wants to it can still talk to Google Play in that same profile.
When you're logged into the phone you have three areas that are separate by default, you have the main user, you have the private space, and you have the work profile. All three of these could have different Google accounts that don't see each other, they could have no Google Play and nothing goes to Google. It's up to you
Okay, thanks! I think I should try it then
You can lock Google into its own little play area on GrapheneOS using a work profile with the shelter app, or a completely separate Android user account.