@thejh
Created March 25, 2015 02:02
Android Security issue [#1093611178] UID reuse, reported 14.08.12
Android reuses UIDs, and IMO, it shouldn't do that, at least not without having rebooted once.
Reasons:
- the deinstallation process doesn't kill all processes with the UID of the app, and neither does
the installation process - therefore, an app can gain higher privileges by tricking the user
into uninstalling it and then installing another app with higher privileges
- there are app-writable filesystems which aren't protected against suid executables, so an app
could drop a suid-shell in one of those filesystems and thereby allow other malicious apps to
obtain full access to whatever app will be the next one to get assigned the uid (all filesystems
without nosuid, except for rootfs, seem to be temporary, so a reboot should wipe all suid executables)
There are four billion possible UIDs, right? Doesn't seem like it's necessary to reuse them.
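
The second reason above can be checked from the mount table. The following is an added example, not part of the original report: it lists writable mounts that lack `nosuid`, skipping rootfs as the report does. The sample table is constructed, and the function names are assumptions of this example.

```python
import re

# Constructed sample in /proc/mounts format (not taken from a real device).
SAMPLE_MOUNTS = """\
rootfs / rootfs ro,relatime 0 0
tmpfs /dev tmpfs rw,nosuid,relatime,mode=755 0 0
/dev/block/mmcblk0p9 /system ext4 ro,relatime 0 0
/dev/block/mmcblk0p12 /data ext4 rw,nosuid,nodev,noatime 0 0
tmpfs /mnt/asec tmpfs rw,relatime,mode=755,gid=1000 0 0
tmpfs /mnt/obb tmpfs rw,relatime,mode=755,gid=1000 0 0
"""

def _unescape(field):
    # /proc/mounts encodes space, tab, newline and backslash as \ooo octal.
    return re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), field)

def parse_mounts(text):
    """Yield (mountpoint, fstype, options) for each well-formed line."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue  # malformed or empty line
        yield _unescape(fields[1]), fields[2], set(fields[3].split(","))

def suid_capable_writable(text, skip_fstypes=("rootfs",)):
    """Return [(mountpoint, fstype)] for rw mounts without nosuid.

    These are only candidates: whether an app can actually write there
    depends on directory permissions, which the mount table does not show.
    """
    findings = []
    for mountpoint, fstype, opts in parse_mounts(text):
        if fstype in skip_fstypes:
            continue
        if "rw" in opts and "nosuid" not in opts:
            findings.append((mountpoint, fstype))
    return findings

if __name__ == "__main__":
    # On a device, pass the contents of /proc/mounts instead of the sample.
    for mountpoint, fstype in suid_capable_writable(SAMPLE_MOUNTS):
        print(f"{mountpoint} ({fstype}): writable and missing nosuid")
```

A `tmpfs` finding is cleared by a reboot, which matches the report's observation; a finding on a persistent filesystem would not be.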