The accounts DB is a sqlite file containing the list of the accounts, what services are enabled/disabled, and maybe some settings. It does not contain passwords or authentication tokens. It might contain usernames, but we agreed that we have to live with that, because usernames are going to be shown in the UIs in order to differentiate the accounts.
Hi Jamie, so, there are two pieces that the accounts policy group should allow: /wiki.ubuntu. com/SecurityTea m/Specification s/ApplicationCo nfinement# Ubuntu_ Online_ Accounts
1) Access the signond dbus interfaces and socket (correctly done by the policy you pasted in comment #3)
2) Allow access to the accounts DB, as in https:/
The accounts DB is a sqlite file containing the list of the accounts, what services are enabled/disabled, and maybe some settings. It does not contain passwords or authentication tokens. It might contain usernames, but we agreed that we have to live with that, because usernames are going to be shown in the UIs in order to differentiate the accounts.