touch-packages team mailing list archive

Thread
Date

[Bug 1384286] Re: add directory allowing scopes and apps to share data

To: touch-packages@xxxxxxxxxxxxxxxxxxx
From: Jamie Strandboge <jamie@xxxxxxxxxx>
Date: Wed, 12 Nov 2014 18:23:57 -0000
Reply-to: Bug 1384286 <1384286@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

"So, if I understand you correctly, you are saying that
@{HOME}/.local/share/unity-scopes/leaf-net/@{APP_PKGNAME}/* is the
writable cache directory for the scope (exactly as it is now), and
@{HOME}/.local/share/@{APP_PKGNAME}/* is the readable directory where
the scope can read data produced by the app?"

Yes

"I take it that the readable directory would not be applicable to scopes
that do *not* install together with an app in the same click package?
(We would throw an exception if a scope doesn't have an associated app
and tries to get the directory name.)"

If I understand the question, APP_PKGNAME is unique to the scopes and
apps installed by a particular click package. A differently named click
package will have a different APP_PKGNAME set, so there is isolation
between clicks. This bug only allows scopes and apps within the same
click to coordinate with each other.

"Now, if I have this picture correct, it implies that a scope can read
from an app, but an app cannot read from a scope. Is that what we want?
If so, I think I'm good with this. (I haven't implemented anything yet,
so there are the usual caveats. But, off-hand, I don't see a show-
stopper.)"

This is correct and I think it is what we want. I'm still holding out
for the possibility of a local content scope some time down the road and
allowing writes to the app dir in a local content scope would allow an
app to break out of confinement via this shared dir (of course, we could
just not let that scope type coordinate with an app...). Let's go with
what I suggested for now, and I will document the thinking in the policy
so the thinking isn't lost.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor-easyprof-ubuntu
in Ubuntu.
https://bugs.launchpad.net/bugs/1384286

Title:
  add directory allowing scopes and apps to share data

Status in “apparmor-easyprof-ubuntu” package in Ubuntu:
  In Progress
Status in “click-reviewers-tools” package in Ubuntu:
  In Progress
Status in “unity-scopes-api” package in Ubuntu:
  In Progress

Bug description:
  Summary says it all, just need to decide on the directory. I propose using this rule:
    # Allow scopes to share data with the app shipped in the same click
    owner @{HOME}/.local/share/@{APP_PKGNAME}/            rw,
    owner @{HOME}/.local/share/@{APP_PKGNAME}/**          mrwkl,

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor-easyprof-ubuntu/+bug/1384286/+subscriptions

References

[Bug 1384286] [NEW] add directory allowing scopes and apps to share data
From: Jamie Strandboge, 2014-10-22