In Linux systems, each user is assigned a unique user identifier (UID), and users are segregated so that one user cannot access the data of another user. However, all applications under a particular user are run with the same privileges. Similarly, in Android, each application runs as a unique user. In other words, a UID is assigned to each application and is run as a separate process. This concept ensures an application sandbox at the kernel level. The kernel manages the security restrictions between the applications by making use of existing Linux concepts, such as UID and group identifier (GID). If an application attempts to do something malicious—say, to read the data of another application—this is not permitted as the application does not have user privileges. Hence, the operating system protects an application from accessing the data of another application.