Application access permission to files on internal storage

A question about the internal storage that's priv开发者_运维知识库ate to each application (especially when storing files with Context.MODE_PRIVATE).

How is that storage actually assigned to the application? Just by package name or also somehow bound to the sign key of the app?

Let's say I have installed application 1 and then write another application 2 with the same name and package name (just differently signed with different keys) and install it (app 2 replacing app 1), would that application 2 get access to the /data/data/[app]/files ?

Or would I not even be able to replace app1 with app2 due to different sign keys in the first place?

I don't think you can have 2 applications with the same package. I know if I have a development build on my device and I try to install the release, I get an error and I MUST uninstall the previous first.

This also coincides with pm, which uninstalls, and lists applications by the package name.

So my answer is that it assigns it based on the package name, but you can't have 2 applications with the same package name.

Just by package name or also somehow bound to the sign key of the app?

Neither.

Each application, when installed, is assigned a Linux user ID. All of its files are owned by that user. Its process runs as that user. MODE_PRIVATE files are set to deny-all for other users.

Or would I not even be able to replace app1 with app2 due to different sign keys in the first place?

Correct.