Ubuntu
friends package

please add trust-store integration to friends

Bug #1231737 reported by Jamie Strandboge
12
This bug affects 2 people
Affects Status Importance Assigned to Milestone
apparmor-easyprof-ubuntu (Ubuntu)
Won't Fix
Undecided
Unassigned
Saucy
Won't Fix
Undecided
Unassigned
Trusty
Won't Fix
Undecided
Unassigned
friends (Ubuntu)
Won't Fix
Undecided
Robert Bruce Park
Saucy
Won't Fix
Undecided
Unassigned
Trusty
Won't Fix
Undecided
Robert Bruce Park

Bug Description

Currently the 'friends' policy group is reserved because giving access to the friend's DBus API allows applications to send messages without the user knowing. If 'friends' is going to be made generally available to untrusted appstore apps, the friends service needs to be modified to use trust-store, like location-service does. Integrating with trust-store means that when an app tries to connect to the friends service over DBus, friends will contact trust-store, the trust-store will prompt the user ("Foo wants to access your friends accounts. Is this ok? Yes|No"), optionally cache the result and return the result to the friends service. In this manner the user is given a contextual prompt at the time of access by the app. Using caching this decision can be remembered the next time. If caching is used, there should be a method to change the decision in settings.

Targeting to T-Series for now, since the trust-store is not in a reusable form yet.

Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Adding apparmor-easyprof-ubuntu task to move the 'friends' policy group out of reserved status when this bug is fixed.

Changed in friends (Ubuntu Saucy):
status: New → Won't Fix
Changed in apparmor-easyprof-ubuntu (Ubuntu Saucy):
status: New → Won't Fix
Revision history for this message
Robert Bruce Park (robru) wrote :

Friends is probably going away next cycle (or at the very least it's going to be vastly re-architected in order to fit with other new requirements that I wasn't aware of when I began Friends development).

I'll add this to the (long) list of "things we have to be aware of when we rewrite everything from scratch, again", thanks.

Changed in friends (Ubuntu):
assignee: nobody → Robert Bruce Park (robru)
Revision history for this message
Kai Mast (kai-mast) wrote :

Just curious, what is the rewrite you are talking about?

Revision history for this message
Robert Bruce Park (robru) wrote :

Just vague plans to rewrite everything in Go, someday.

Revision history for this message
Kai Mast (kai-mast) wrote :

Would be nice to update me on those plans if they become more concrete. Don't want to work too much with code that will go away some day. ;)

Revision history for this message
Robert Bruce Park (robru) wrote :

Yeah, nothing is concrete at all. It's probably a cycle or two away. The qml bits will probably survive mostly as-is, just with the python backend getting replaced (eventually, some day, maybe). So it doesn't hurt to fix bugs now, because a) users are using this stuff right now, and b) it'll be used as a reference for the re-write, so we don't want to accidentally port bugs from python into go ;-)

Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in apparmor-easyprof-ubuntu (Ubuntu):
status: New → Confirmed
Changed in friends (Ubuntu Trusty):
status: New → Confirmed
Changed in friends (Ubuntu):
status: New → Confirmed
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Per meeting today, trust-store integration for friends is not for RTM. Pat McGowan will discuss with affected parties the friends API on the phone for any future work.

summary: - please integrate with trust-store
+ please add trust-store integration to friends
Changed in friends (Ubuntu Trusty):
status: Confirmed → Won't Fix
Changed in apparmor-easyprof-ubuntu (Ubuntu Trusty):
status: Confirmed → Won't Fix
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Friends is being removed in 14.10. The friends policy group will be removed from the 1.2 apparmor-easyprof-ubuntu policy.

Changed in friends (Ubuntu):
status: Confirmed → Won't Fix
Changed in apparmor-easyprof-ubuntu (Ubuntu):
status: Confirmed → Won't Fix
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.