Clarify levelFrom=app and levelFrom=all descriptions regarding UID/appId

[yongrakCho]

https://github.com/SELinuxProject/selinux-notebook/blame/8cfd893c16a82d86b42c9c684330e2f8db3bd137/src/seandroid.md#L1254

Hello,

I’d like to suggest a clarification in the seandroid.md documentation regarding the explanation of the levelFrom option.

Current issue:

The descriptions for levelFrom=app and levelFrom=all may be misleading or imprecise:

• levelFrom=app is currently described as:

  determines the level from the process UID
  This is misleading, as it implies the full UID is used, when in fact only the app ID (i.e., the lower part of the UID) is extracted.

• levelFrom=all is described as:

  determines the level from both UID and user ID
  This can also cause confusion, as the UID already contains the user ID (in its upper digits), so it’s effectively based on the full UID.

Suggested improvement:

To make the intention clearer, consider rephrasing as:

• levelFrom=app: determines the level from the app ID (extracted from the process UID)
• levelFrom=all: determines the level from the full process UID (user ID + app ID)

This would help readers who are familiar with Android’s UID layout better understand how SELinux level generation works in SEAndroid.

Thanks for maintaining this valuable resource!

[dburgener]

I'm not extremely familar with the android side of things. Can you cite a source that this distinction is actually accurate? I'm a little concerned because this issue looks like it may have been written by an LLM, and could be a hallucination. In a little bit of googling I'm unable to verify the claim that android UIDs consist of separate user and process parts.

If this is accurate and you can back that up, it looks like you already have all the info to submit a PR with the change if you'd like.