please add trust-store integration for access to contacts
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| address-book-app (Ubuntu) |
Invalid
|
High
|
Renato Araujo Oliveira Filho | ||
| Saucy |
Won't Fix
|
High
|
Renato Araujo Oliveira Filho | ||
| Trusty |
Won't Fix
|
High
|
Unassigned | ||
| address-book-service (Ubuntu) |
Invalid
|
High
|
Renato Araujo Oliveira Filho | ||
| Trusty |
Won't Fix
|
High
|
Renato Araujo Oliveira Filho | ||
| apparmor-easyprof-ubuntu (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
| Saucy |
Won't Fix
|
Undecided
|
Unassigned | ||
| Trusty |
Won't Fix
|
Undecided
|
Unassigned | ||
Bug Description
Currently the 'contacts' policy group is reserved because giving access to the address-book-app's DBus API allows applications to obtain all contacts without user consent. If 'contacts' are going to be made generally available to untrusted appstore apps, the address-book-app service needs to be modified to use trust-store, like location-service does. Integrating with trust-store means that when an app tries to connect to the address-book-app over DBus, address-book-app will contact trust-store, the trust-store will prompt the user ("Foo wants to access your contacts. Is this ok? Yes|No"), optionally cache the result and return the result to address-book-app. In this manner the user is given a contextual prompt at the time of access by the app. Using caching this decision can be remembered the next time. If caching is used, there should be a method to change the decision in settings.
Targeting to T-Series for now, since the trust-store is not in a reusable form yet.
| description: | updated |
| description: | updated |
| Changed in address-book-app (Ubuntu Saucy): | |
| status: | New → Won't Fix |
| description: | updated |
| Jamie Strandboge (jdstrand) wrote | #1 |
| tags: | added: application-confinement |
| Changed in apparmor-easyprof-ubuntu (Ubuntu Saucy): | |
| status: | New → Won't Fix |
| no longer affects: | address-book-service (Ubuntu Saucy) |
| Changed in address-book-service (Ubuntu Trusty): | |
| assignee: | nobody → Renato Araujo Oliveira Filho (renatofilho) |
| Changed in address-book-app: | |
| assignee: | nobody → Renato Araujo Oliveira Filho (renatofilho) |
| Changed in address-book-app (Ubuntu Saucy): | |
| assignee: | nobody → Renato Araujo Oliveira Filho (renatofilho) |
| Changed in address-book-service (Ubuntu Trusty): | |
| importance: | Undecided → High |
| Changed in address-book-app (Ubuntu Saucy): | |
| importance: | Undecided → High |
| Changed in address-book-app: | |
| importance: | Undecided → High |
| Changed in address-book-app (Ubuntu Trusty): | |
| status: | New → Confirmed |
| importance: | Undecided → High |
| Changed in address-book-service (Ubuntu Trusty): | |
| status: | New → Confirmed |
| Launchpad Janitor (janitor) wrote | #2 |
| Changed in apparmor-easyprof-ubuntu (Ubuntu): | |
| status: | New → Confirmed |
| Jamie Strandboge (jdstrand) wrote | #3 |
| summary: |
- please integrate with trust-store + please add trust-store integration for access to contacts |
| Changed in address-book-app (Ubuntu Trusty): | |
| status: | Confirmed → Won't Fix |
| Changed in address-book-service (Ubuntu Trusty): | |
| status: | Confirmed → Won't Fix |
| Changed in apparmor-easyprof-ubuntu (Ubuntu Trusty): | |
| status: | Confirmed → Won't Fix |
| Changed in address-book-app (Ubuntu): | |
| status: | Confirmed → Invalid |
| Changed in address-book-service (Ubuntu): | |
| status: | Confirmed → Invalid |
| Changed in apparmor-easyprof-ubuntu (Ubuntu): | |
| status: | Confirmed → Invalid |
| Changed in address-book-app (Ubuntu): | |
| assignee: | nobody → Renato Araujo Oliveira Filho (renatofilho) |
| no longer affects: | address-book-app |
Adding apparmor-