Okay, after some more research and asking around my old Android friends, I convinced myself there is no way to install binaries from SD card into Chess for Android anymore. The same restrictions will apply to any chess app that *targets* API 29 (note, apps targeting API 28 will still work, even when running on API 29, but since Google Play requires the API 29 target from now on, artificially keeping the target low is only a solution for alternative distribution channels).
I internally proposed adding an explicit W^X permission to Android so that users can opt-in for apps that they trust (like Chess for Android
). Let's see how that goes, but I am not sure how serious such a proposal will be taken, or if that even addresses all security concerns.
For now, the silver lining behind the dark cloud is that engine packages still work, as do GUI's that package their own engines.