please add trust-store integration for access to contacts
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
address-book-app (Ubuntu) |
Invalid
|
High
|
Renato Araujo Oliveira Filho | ||
Saucy |
Won't Fix
|
High
|
Renato Araujo Oliveira Filho | ||
Trusty |
Won't Fix
|
High
|
Unassigned | ||
address-book-service (Ubuntu) |
Invalid
|
High
|
Renato Araujo Oliveira Filho | ||
Trusty |
Won't Fix
|
High
|
Renato Araujo Oliveira Filho | ||
apparmor-easyprof-ubuntu (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
Saucy |
Won't Fix
|
Undecided
|
Unassigned | ||
Trusty |
Won't Fix
|
Undecided
|
Unassigned |
Bug Description
Currently the 'contacts' policy group is reserved because giving access to the address-book-app's DBus API allows applications to obtain all contacts without user consent. If 'contacts' are going to be made generally available to untrusted appstore apps, the address-book-app service needs to be modified to use trust-store, like location-service does. Integrating with trust-store means that when an app tries to connect to the address-book-app over DBus, address-book-app will contact trust-store, the trust-store will prompt the user ("Foo wants to access your contacts. Is this ok? Yes|No"), optionally cache the result and return the result to address-book-app. In this manner the user is given a contextual prompt at the time of access by the app. Using caching this decision can be remembered the next time. If caching is used, there should be a method to change the decision in settings.
Targeting to T-Series for now, since the trust-store is not in a reusable form yet.
description: | updated |
description: | updated |
Changed in address-book-app (Ubuntu Saucy): | |
status: | New → Won't Fix |
description: | updated |
no longer affects: | address-book-service (Ubuntu Saucy) |
Changed in address-book-service (Ubuntu Trusty): | |
assignee: | nobody → Renato Araujo Oliveira Filho (renatofilho) |
Changed in address-book-app: | |
assignee: | nobody → Renato Araujo Oliveira Filho (renatofilho) |
Changed in address-book-app (Ubuntu Saucy): | |
assignee: | nobody → Renato Araujo Oliveira Filho (renatofilho) |
Changed in address-book-service (Ubuntu Trusty): | |
importance: | Undecided → High |
Changed in address-book-app (Ubuntu Saucy): | |
importance: | Undecided → High |
Changed in address-book-app: | |
importance: | Undecided → High |
Changed in address-book-app (Ubuntu Trusty): | |
status: | New → Confirmed |
importance: | Undecided → High |
Changed in address-book-service (Ubuntu Trusty): | |
status: | New → Confirmed |
Changed in address-book-app (Ubuntu): | |
status: | Confirmed → Invalid |
Changed in address-book-service (Ubuntu): | |
status: | Confirmed → Invalid |
Changed in apparmor-easyprof-ubuntu (Ubuntu): | |
status: | Confirmed → Invalid |
Changed in address-book-app (Ubuntu): | |
assignee: | nobody → Renato Araujo Oliveira Filho (renatofilho) |
no longer affects: | address-book-app |
Adding apparmor- easyprof- ubuntu task to move the 'contacts' policy groups out of reserved status when this bug is fixed.