These are still four more steps than what it takes to directly install from the Play Store. Most people would view any of these four steps as a hurdle.
> And you won't need to go to the settings the next time, it'll just work.
You will still have to find the apk when there is an update, download it and confirm install. There are still three steps to update the apk compared to Play Store's one tap (or even zero clicks if automatic updates are on). Only the "Allow installing from this source" step is removed when updating the app.
It's possible to build self-update functionality into an app, just like many apps do on desktop. An app can open that installation prompt to update itself.
Not on the latest versions of Android, unless you're only updating interpreted code like Python. You can no longer execute files that weren't packaged with the original APK.
You can download an apk and launch the package installer activity to install it. In the latest versions of Android, you'll need to serve the apk through a ContentProvider. I tested this myself; it works, even if the app is updating itself.
But I think you can actually still load arbitrary dex files using a ClassLoader? I thought that the update was only affecting JNI libraries. I remember reading how they wanted any and all executable code to come from a signed package. Even then, if you're determined enough, you can load arbitrary native code by allocating some rwx memory pages and copying it in there ;)
Yeah, I misinterpreted your original comment. I was thinking in terms of the app being in control of itself, i.e. JNI-type stuff.
Sounds like there are ways to do it within the Android ecosystem, but in cases where Google is suspending things, wouldn't they just turn off all the self-update stuff?
Google doesn't have the technical ability to "turn off all the self-update stuff", if you mean preventing non-store apps from updating themselves by downloading and installing apks. The worst thing they can try doing is bullying the users into uninstalling the app through Google Play Protect.
I'm not deep enough in the Android ecosystem to understand all the details. I've only had the misfortune of trying to get a (very portably-written) golang application to run in the environment, and hitting roadblock after roadblock.
I guess my overall point is that Google is motivated to have complete control over Android app distribution, and they'll plug as many of the types of holes you're talking about as they can get away with.