← Back to team overview

touch-packages team mailing list archive

[Bug 1387734] [NEW] Location service uses the cached authorization, even if the user denied location access to an app

 

Public bug reported:

The bug occurs after removing location access authorization to an
application. The location is still available to the application, despite
the user having revoked access from within USS > Privacy > Location.

To reproduce:

1. Open a map application, like Here map
2. Allow access to location
3. Switch to System Settings > Privacy > Location
4. Disable location access for Maps
5. Kill Here map, and restart it

What should happen: you should not have access anymore (and should not see a prompt)
What happens instead: the app still has access to your location, as shown in the logs:

I1030 16:15:38.167752  3100 cached_agent_glog_reporter.cpp:32]
CachedAgent::authenticate_request_with_parameters: Application pid:
27975 Application uid: 32011 Application id:  com.nokia.heremaps_here
Cached request:   Request(from: com.nokia.heremaps_here, feature: 0,
when: 1414682114882519283, answer: granted)

I confirmed that the trust store had recorded the authorization change
as in:

phablet@ubuntu-phablet:~$ sqlite3 ~/.local/share/UbuntuLocationService/trust.db "select * from requests"
1|unconfined|0|1414098093331252474|1
2|com.nokia.heremaps_here|0|1414682114882519283|1
3|com.nokia.heremaps_here|0|1414682131206341515|0

** Affects: trust-store
     Importance: Undecided
         Status: New

** Affects: location-service (Ubuntu)
     Importance: Critical
     Assignee: Thomas Voß (thomas-voss)
         Status: Confirmed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to location-service in
Ubuntu.
https://bugs.launchpad.net/bugs/1387734

Title:
  Location service uses the cached authorization, even if the user
  denied location access to an app

Status in trust-store:
  New
Status in “location-service” package in Ubuntu:
  Confirmed

Bug description:
  The bug occurs after removing location access authorization to an
  application. The location is still available to the application,
  despite the user having revoked access from within USS > Privacy >
  Location.

  To reproduce:

  1. Open a map application, like Here map
  2. Allow access to location
  3. Switch to System Settings > Privacy > Location
  4. Disable location access for Maps
  5. Kill Here map, and restart it

  What should happen: you should not have access anymore (and should not see a prompt)
  What happens instead: the app still has access to your location, as shown in the logs:

  I1030 16:15:38.167752  3100 cached_agent_glog_reporter.cpp:32]
  CachedAgent::authenticate_request_with_parameters: Application pid:
  27975 Application uid: 32011 Application id:  com.nokia.heremaps_here
  Cached request:   Request(from: com.nokia.heremaps_here, feature: 0,
  when: 1414682114882519283, answer: granted)

  I confirmed that the trust store had recorded the authorization change
  as in:

  phablet@ubuntu-phablet:~$ sqlite3 ~/.local/share/UbuntuLocationService/trust.db "select * from requests"
  1|unconfined|0|1414098093331252474|1
  2|com.nokia.heremaps_here|0|1414682114882519283|1
  3|com.nokia.heremaps_here|0|1414682131206341515|0

To manage notifications about this bug go to:
https://bugs.launchpad.net/trust-store/+bug/1387734/+subscriptions


Follow ups

References