I'm reading Android Hacker's Handbook, and it chapter 2 it says:
Applications are typically broken into two categories: pre-installed and user-installed. Pre-installed applications include [..]. The packages for these apps reside in the /system/app directory. Some of these may have elevated privileges or capabilities, and therefore may be of particular interest. User-installed applications are those that the user has installed themselves, [..] . These apps, as well as updates to pre-installed apps, reside in the /data/app directory. [..] Android uses a special platform key to sign pre-installed app packages. Applications signed with this key are special in that they can have system user privileges.
So I'm thinking, is it safer to uninstall pre-installed apps using ADB for example, and then install them from Play store so they're stored under
/data/app instead of
/system/app and don't have
system user privileges?