qtdeclarative5-qtlocation-plugin does not use trust-store on session bus
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
location-service |
Invalid
|
Undecided
|
Unassigned | ||
apparmor-easyprof-ubuntu (Ubuntu) |
Invalid
|
High
|
Unassigned | ||
Saucy |
Invalid
|
High
|
Unassigned | ||
location-service (Ubuntu) |
Invalid
|
High
|
Thomas Voß | ||
Saucy |
Invalid
|
High
|
Thomas Voß | ||
qtlocation-opensource-src (Ubuntu) |
Invalid
|
High
|
Unassigned | ||
Saucy |
Invalid
|
High
|
Unassigned |
Bug Description
Right now, qtdeclarative5-
if (credentials.pid != pid || credentials.uid != uid)
return Result::granted; // FIXME(tvoss): This should return rejected.
In order to provide contextual runtime prompting and per app access to the location service such that the user is aware that an app is using the location API, a trust-store will be implemented that the location service will integrate with and then the qtdeclarative5-
Right now to bug #1223211, I am updating the location policy group to have (but this will need to be fixed):
# Description: Can access Location
# Usage: common
# session bus gives access to via the trust-store
dbus (receive, send)
bus=session
path=
interface=
peer=
dbus (receive, send)
bus=session
interface=
# FIXME: remove when trust-store is available since this would circumvent the
# trust-store
dbus (send)
bus=system
path=
interface=
member=Hello
peer=
dbus (receive, send)
bus=system
path=
interface=
peer=
dbus (receive, send)
bus=system
interface=
Adding apparmor- easyprof- ubuntu task to update the policy group once qtdeclarative5- qtlocation- plugin starts using the session bus.