Need a way for applications to ask permission to read/write in pictures/videos folders on SD card

Bug #1391930 reported by Florian Boucault on 2014-11-12
10
This bug affects 2 people
Affects Status Importance Assigned to Milestone
apparmor-easyprof-ubuntu (Ubuntu)
High
Jamie Strandboge
Utopic
High
Jamie Strandboge
Vivid
High
Jamie Strandboge
apparmor-easyprof-ubuntu (Ubuntu RTM)
Wishlist
Jamie Strandboge

Bug Description

The camera and the gallery app today are authorized to read/write in /home/$USER/Pictures and /home/$USER/Videos.
Now they also need to be able to read/write in the similar directories of the SD card, for example:
- /media/phablet/064a-7494/Pictures
- /media/phablet/064a-7494/Videos

As a side note, we are using the following API in applications to retrieve the path (e.g. /home/phablet/Pictures):
http://qt-project.org/doc/qt-5/qstandardpaths.html#writableLocation

To retrieve the similar path on the SD card we are considering using a combination of that to guess the directory name (Pictures) concatenated with the value of http://doc-snapshot.qt-project.org/qt5-5.4/qstorageinfo.html#rootPath

Jamie Strandboge (jdstrand) wrote :

Thanks for the report! Marking confirmed for now, since it is obviously needed, but it needs further discussion. Once that has happened, I'll adjust.

affects: click-apparmor (Ubuntu) → apparmor-easyprof-ubuntu (Ubuntu)
Changed in apparmor-easyprof-ubuntu (Ubuntu):
importance: Undecided → High
status: New → Confirmed
assignee: nobody → Jamie Strandboge (jdstrand)
Changed in apparmor-easyprof-ubuntu (Ubuntu):
importance: High → Wishlist
status: Confirmed → Triaged
Changed in apparmor-easyprof-ubuntu (Ubuntu Utopic):
status: New → Triaged
importance: Undecided → High
assignee: nobody → Jamie Strandboge (jdstrand)
Changed in apparmor-easyprof-ubuntu (Ubuntu Vivid):
importance: Wishlist → High
Changed in apparmor-easyprof-ubuntu (Ubuntu RTM):
importance: Undecided → Wishlist
assignee: nobody → Jamie Strandboge (jdstrand)
tags: added: application-confinement rtm14
Changed in apparmor-easyprof-ubuntu (Ubuntu Utopic):
status: Triaged → In Progress
Changed in apparmor-easyprof-ubuntu (Ubuntu Vivid):
status: Triaged → In Progress
Jamie Strandboge (jdstrand) wrote :

Per discussions on ubuntu-phone@ (https://lists.launchpad.net/ubuntu-phone/msg10456.html), the directory structure for these global directories is:

/media/$user/$label/Pictures
/media/$user/$label/Music
/media/$user/$label/Videos

'$label' is confirmed to not allow '/' in the name. Because the directories may be on a vfat filesystem, we want the policy to be able to handle case-insensitive names.

As such, we'll adjust the policy groups accordingly to do things like this:
  # SD card: /media/<user>/<label>/...
  owner /media/*/*/[Mm][Uu][Ss][Ii][Cc]/ r,
  owner /media/*/*/[Mm][Uu][Ss][Ii][Cc]/** rwk,

  # SD card: /media/<user>/<label>/...
  owner /media/*/*/[Pp][Ii][Cc][Tt][Uu][Rr][Ee][Ss]/ r,
  owner /media/*/*/[Pp][Ii][Cc][Tt][Uu][Rr][Ee][Ss]/** rwk,

  # SD card: /media/<user>/<label>/...
  owner /media/*/*/[Vv][Ii][Dd][Ee][Oo][Ss]/ r,
  owner /media/*/*/[Vv][Ii][Dd][Ee][Oo][Ss]/** rwk,

IMPORTANT: the policy will not allow creating these directories (just like it doesn't for the ones in ~), so something else will have to create them.

Florian Boucault (fboucault) wrote :

RE: "IMPORTANT: the policy will not allow creating these directories (just like it doesn't for the ones in ~), so something else will have to create them."

I can't think of anything else that would create them. Is it an issue to let the apps create them when/if they need to?

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apparmor-easyprof-ubuntu - 1.2.39

---------------
apparmor-easyprof-ubuntu (1.2.39) utopic; urgency=medium

  * ubuntu/{music,pictures,video}_files*: allow access to global SD card
    directories (LP: #1391930)
  * ubuntu/ubuntu-scope-network, pending/ubuntu-scope-local-content: allow
    scopes to read data from the apps data dir (LP: #1384286)
 -- Jamie Strandboge <email address hidden> Thu, 13 Nov 2014 09:54:18 -0600

Changed in apparmor-easyprof-ubuntu (Ubuntu RTM):
status: New → Fix Released
Jamie Strandboge (jdstrand) wrote :

1.2.39 was pushed to rtm last week.

Changed in apparmor-easyprof-ubuntu (Ubuntu Utopic):
status: In Progress → Fix Released
status: Fix Released → In Progress
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apparmor-easyprof-ubuntu - 1.3.1

---------------
apparmor-easyprof-ubuntu (1.3.1) vivid; urgency=medium

  * ubuntu/ubuntu-sdk:
    - explicitly deny reads on ~/.cache/QML/Apps/ to silence noisy denials.
      Undo this when LP: 1381620 is fixed in qtdeclarative-opensource-src
    - explicitly deny dbus bind on name="org.freedesktop.Application" since
      it is noisy. Undo this when LP: 1378823 is fixed in ubuntu-ui-toolkit
  * ubuntu/1.3/ubuntu-sdk: drop html5-container policy. html5 apps should use
    webapp-container and specify the 'webview' policy group with 1.3 (15.04)
    policy (LP: #1392461)
  * ubuntu/ubuntu-scope-network, pending/ubuntu-scope-local-content: allow
    scopes to read data from the apps data dir (LP: #1384286)
  * adjust all dbus rules to use peer=(label=unconfined) to prevent
    coordinated communications between apps over DBus (LP: #1383824)
  * ubuntu/{music,pictures,video}_files*: allow access to global SD card
    directories (LP: #1391930)
  * debian/control: Depends on apparmor >= 2.8.98-0ubuntu2~ for the dbus peer
    changes (we need at least apparmor_parser 2.9.beta4 for these)
 -- Jamie Strandboge <email address hidden> Mon, 15 Dec 2014 15:53:32 +0000

Changed in apparmor-easyprof-ubuntu (Ubuntu Vivid):
status: In Progress → Fix Released
Rolf Leggewie (r0lf) wrote :

utopic has seen the end of its life and is no longer receiving any updates. Marking the utopic task for this ticket as "Won't Fix".

Changed in apparmor-easyprof-ubuntu (Ubuntu Utopic):
status: In Progress → Won't Fix
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers