No.2Application Fundamentals

Android apps are written in the Java programming language. The Android SDK tools compile
your code—along with any data and resource files—into an APK: an Android package,
which is an archive file with an.apk
suffix. One APK file contains all the contents
of an Android app and is the file that Android-powered devices use to install the app.

Android app使用java语言编写，Android Sdk工具编译的代码以及所有资料和资源文件，在apk中，一个android包，一个后缀为an.apk的存档文件。一个apk文件包含一个android app以及android平台设备支持安装app文件所有的内容。

Once installed on a device, each Android app lives in its own security sandbox:
The Android operating system is a multi-user Linux system in which each app is a different user.
By default, the system assigns each app a unique Linux user ID (the ID is used only by the system and is unknown to the app). The system sets permissions for all the files in an app so that only the user ID assigned to that app can access them.
Each process has its own virtual machine (VM), so an app's code runs in isolation from other apps.
By default, every app runs in its own Linux process. Android starts the process when any of the app's components need to be executed, then shuts down the process when it's no longer needed or when the system must recover memory for other apps.

设备上的一次安装，每个android app在属于它自己的安全沙箱中。这个Android操作系统是一个多用户linux系统。其中每个应用是不同的用户。默认情况，系统分配给每一个app是一个独立的linux用户id（id只能用来系统和未知的对于app），这个系统设置只允许在app中所有文件以便只有用户id分配给能通过他们的app。
每个进程有它们自己的虚拟机，所以一个app的代码运行和其他app相互隔离。 默认的情况下，每个app运行在他们自己的linux进程中。android开始这个进程当所有的app的组件需要被执行。接着关闭这个进程当没有长时间需要或者当这个系统必须恢复内存对于其他app。

In this way, the Android system implements the principle of least privilege. That is,
each app, by default, has access only to the components that it requires to do its work and no more. This creates a very secure environment in which an app cannot access parts of the system for which it is not given permission.
However, there are ways for an app to share data with other apps and for an
app to access system services:
It's possible to arrange for two apps to share the same Linux user ID, in which case they are able to access each other's files. To conserve system resources, apps with the same user ID can also arrange to run in the same Linux process and share the same VM (the apps must also be signed with the same certificate).
An app can request permission to access device data such as the user's contacts, SMS messages, the mountable storage (SD card), camera, Bluetooth, and more. All
app permissions must be granted by the user at install time.

这种方式，Android 系统实现最小私有原则。就是每个app，默认的只能访问它工作需要的组件，这样就创建了一非常安全的环境， app不能访问系统不允许访问的部分。
然而，有一个app分享数据去和其他的app并且一个app访问系统服务 ，安排两个app分享一个相同的Linux 用户ID，他们能够访问对方的文件。去观察系统的资源，apps有着相同的user ID 能安排运行在相同的linux 进程和分享相同的Vm（apps必须签名带有相同的证书）