2014-10-30 15:22:47 |
David Barth |
bug |
|
|
added bug |
2014-10-30 15:24:11 |
Thomas Voß |
bug task added |
|
location-service |
|
2014-10-30 15:24:19 |
Thomas Voß |
bug task deleted |
location-service |
|
|
2014-10-30 15:26:48 |
Thomas Voß |
bug task added |
|
trust-store |
|
2014-10-30 15:26:54 |
Thomas Voß |
location-service (Ubuntu): status |
New |
Confirmed |
|
2014-10-30 15:26:56 |
Thomas Voß |
location-service (Ubuntu): importance |
Undecided |
Critical |
|
2014-10-30 15:26:58 |
Thomas Voß |
location-service (Ubuntu): assignee |
|
Thomas Voß (thomas-voss) |
|
2014-11-14 11:54:34 |
Thomas Voß |
bug task added |
|
trust-store (Ubuntu) |
|
2014-11-14 11:54:40 |
Thomas Voß |
trust-store: importance |
Undecided |
Critical |
|
2014-11-14 11:54:44 |
Thomas Voß |
trust-store: status |
New |
Confirmed |
|
2014-11-14 11:54:49 |
Thomas Voß |
trust-store (Ubuntu): status |
New |
Confirmed |
|
2014-11-14 11:54:50 |
Thomas Voß |
trust-store (Ubuntu): importance |
Undecided |
Critical |
|
2014-11-14 11:55:02 |
Thomas Voß |
bug task added |
|
trust-store (Ubuntu RTM) |
|
2014-11-14 11:55:20 |
Thomas Voß |
trust-store (Ubuntu RTM): status |
New |
Confirmed |
|
2014-11-14 11:55:22 |
Thomas Voß |
trust-store (Ubuntu RTM): importance |
Undecided |
Critical |
|
2014-11-14 11:55:25 |
Thomas Voß |
trust-store (Ubuntu): assignee |
|
Thomas Voß (thomas-voss) |
|
2014-11-14 11:55:31 |
Thomas Voß |
location-service (Ubuntu): status |
Confirmed |
Invalid |
|
2014-11-14 11:55:34 |
Thomas Voß |
location-service (Ubuntu): assignee |
Thomas Voß (thomas-voss) |
|
|
2014-11-14 11:55:36 |
Thomas Voß |
trust-store: assignee |
|
Thomas Voß (thomas-voss) |
|
2014-11-14 12:09:34 |
Thomas Voß |
trust-store (Ubuntu RTM): assignee |
|
Thomas Voß (thomas-voss) |
|
2014-11-14 12:18:24 |
Launchpad Janitor |
branch linked |
|
lp:~thomas-voss/trust-store/fix-1387734 |
|
2014-11-14 12:21:33 |
Thomas Voß |
tags |
|
rtm14 |
|
2014-11-14 12:43:23 |
Jamie Strandboge |
information type |
Public |
Public Security |
|
2014-11-14 13:00:07 |
Marc Deslauriers |
cve linked |
|
2014-1422 |
|
2014-11-14 13:15:07 |
Thomas Voß |
description |
The bug occurs after removing location access authorization to an application. The location is still available to the application, despite the user having revoked access from within USS > Privacy > Location.
To reproduce:
1. Open a map application, like Here map
2. Allow access to location
3. Switch to System Settings > Privacy > Location
4. Disable location access for Maps
5. Kill Here map, and restart it
What should happen: you should not have access anymore (and should not see a prompt)
What happens instead: the app still has access to your location, as shown in the logs:
I1030 16:15:38.167752 3100 cached_agent_glog_reporter.cpp:32] CachedAgent::authenticate_request_with_parameters: Application pid: 27975 Application uid: 32011 Application id: com.nokia.heremaps_here Cached request: Request(from: com.nokia.heremaps_here, feature: 0, when: 1414682114882519283, answer: granted)
I confirmed that the trust store had recorded the authorization change as in:
phablet@ubuntu-phablet:~$ sqlite3 ~/.local/share/UbuntuLocationService/trust.db "select * from requests"
1|unconfined|0|1414098093331252474|1
2|com.nokia.heremaps_here|0|1414682114882519283|1
3|com.nokia.heremaps_here|0|1414682131206341515|0 |
The bug occurs after removing location access authorization to an application. The location is still available to the application, despite the user having revoked access from within USS > Privacy > Location.
To reproduce:
1. Open a map application, like Here map
2. Allow access to location
3. Switch to System Settings > Privacy > Location
4. Disable location access for Maps
5. Kill Here map, and restart it
What should happen: you should not have access anymore (and should not see a prompt)
What happens instead: the app still has access to your location, as shown in the logs:
I1030 16:15:38.167752 3100 cached_agent_glog_reporter.cpp:32] CachedAgent::authenticate_request_with_parameters: Application pid: 27975 Application uid: 32011 Application id: com.nokia.heremaps_here Cached request: Request(from: com.nokia.heremaps_here, feature: 0, when: 1414682114882519283, answer: granted)
I confirmed that the trust store had recorded the authorization change as in:
phablet@ubuntu-phablet:~$ sqlite3 ~/.local/share/UbuntuLocationService/trust.db "select * from requests"
1|unconfined|0|1414098093331252474|1
2|com.nokia.heremaps_here|0|1414682114882519283|1
3|com.nokia.heremaps_here|0|1414682131206341515|0
From a user's perspective: Despite having explicitly rejected trust to an application, the app would still be able to access services. |
|
2014-11-14 13:18:51 |
Jamie Strandboge |
nominated for series |
|
Ubuntu Utopic |
|
2014-11-14 13:18:51 |
Jamie Strandboge |
bug task added |
|
location-service (Ubuntu Utopic) |
|
2014-11-14 13:18:51 |
Jamie Strandboge |
bug task added |
|
trust-store (Ubuntu Utopic) |
|
2014-11-14 13:18:51 |
Jamie Strandboge |
nominated for series |
|
Ubuntu Vivid |
|
2014-11-14 13:18:51 |
Jamie Strandboge |
bug task added |
|
location-service (Ubuntu Vivid) |
|
2014-11-14 13:18:51 |
Jamie Strandboge |
bug task added |
|
trust-store (Ubuntu Vivid) |
|
2014-11-14 13:19:04 |
Jamie Strandboge |
location-service (Ubuntu Utopic): status |
New |
Invalid |
|
2014-11-14 13:19:12 |
Jamie Strandboge |
trust-store (Ubuntu Utopic): status |
New |
Confirmed |
|
2014-11-14 13:19:14 |
Jamie Strandboge |
trust-store (Ubuntu Utopic): importance |
Undecided |
Critical |
|
2014-11-14 13:19:23 |
Jamie Strandboge |
trust-store (Ubuntu Utopic): assignee |
|
Thomas Voß (thomas-voss) |
|
2014-11-18 22:38:27 |
Thomas Voß |
trust-store: status |
Confirmed |
In Progress |
|
2014-11-18 22:38:30 |
Thomas Voß |
trust-store (Ubuntu Utopic): status |
Confirmed |
In Progress |
|
2014-11-18 22:38:32 |
Thomas Voß |
trust-store (Ubuntu Vivid): status |
Confirmed |
In Progress |
|
2014-11-18 22:38:34 |
Thomas Voß |
trust-store (Ubuntu RTM): status |
Confirmed |
In Progress |
|
2015-01-23 15:01:38 |
Pat McGowan |
bug task added |
|
canonical-devices-system-image |
|
2015-01-23 15:01:57 |
Pat McGowan |
canonical-devices-system-image: importance |
Undecided |
High |
|
2015-01-23 15:01:57 |
Pat McGowan |
canonical-devices-system-image: status |
New |
In Progress |
|
2015-01-23 15:01:57 |
Pat McGowan |
canonical-devices-system-image: milestone |
|
ww05-2015 |
|
2015-01-23 17:32:21 |
Launchpad Janitor |
branch linked |
|
lp:ubuntu/vivid-proposed/trust-store |
|
2015-01-23 17:51:37 |
Launchpad Janitor |
trust-store (Ubuntu Vivid): status |
In Progress |
Fix Released |
|
2015-01-26 14:54:59 |
Launchpad Janitor |
branch linked |
|
lp:~dbarth/ubuntu-system-settings/fix-1387734 |
|
2015-01-27 08:54:23 |
Launchpad Janitor |
branch linked |
|
lp:~mardy/ubuntu-system-settings/lp1387734 |
|
2015-01-27 13:43:11 |
Launchpad Janitor |
branch linked |
|
lp:~mardy/ubuntu-system-settings/rtm-lp1387734 |
|
2015-01-28 15:18:50 |
Pat McGowan |
canonical-devices-system-image: milestone |
ww05-2015 |
ww07-2015 |
|
2015-02-02 16:33:36 |
Launchpad Janitor |
trust-store (Ubuntu RTM): status |
In Progress |
Fix Released |
|
2015-02-02 17:01:04 |
Pat McGowan |
canonical-devices-system-image: status |
In Progress |
Fix Released |
|
2015-04-02 05:30:10 |
Thomas Voß |
trust-store: status |
In Progress |
Fix Released |
|
2015-04-13 09:22:36 |
Thomas Voß |
trust-store (Ubuntu Utopic): status |
In Progress |
Fix Released |
|