touch-packages team mailing list archive

Thread
Date

[Bug 1387734] Re: Location service uses the cached authorization, even if the user denied location access to an app

To: touch-packages@xxxxxxxxxxxxxxxxxxx
From: Thomas Voß <1387734@xxxxxxxxxxxxxxxxxx>
Date: Tue, 18 Nov 2014 22:38:27 -0000
Reply-to: Bug 1387734 <1387734@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Changed in: trust-store
       Status: Confirmed => In Progress

** Changed in: trust-store (Ubuntu Utopic)
       Status: Confirmed => In Progress

** Changed in: trust-store (Ubuntu Vivid)
       Status: Confirmed => In Progress

** Changed in: trust-store (Ubuntu RTM)
       Status: Confirmed => In Progress

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to location-service in
Ubuntu.
https://bugs.launchpad.net/bugs/1387734

Title:
  Location service uses the cached authorization, even if the user
  denied location access to an app

Status in trust-store:
  In Progress
Status in “location-service” package in Ubuntu:
  Invalid
Status in “trust-store” package in Ubuntu:
  In Progress
Status in “location-service” source package in Utopic:
  Invalid
Status in “trust-store” source package in Utopic:
  In Progress
Status in “location-service” source package in Vivid:
  Invalid
Status in “trust-store” source package in Vivid:
  In Progress
Status in “trust-store” package in Ubuntu RTM:
  In Progress

Bug description:
  The bug occurs after removing location access authorization to an
  application. The location is still available to the application,
  despite the user having revoked access from within USS > Privacy >
  Location.

  To reproduce:

  1. Open a map application, like Here map
  2. Allow access to location
  3. Switch to System Settings > Privacy > Location
  4. Disable location access for Maps
  5. Kill Here map, and restart it

  What should happen: you should not have access anymore (and should not see a prompt)
  What happens instead: the app still has access to your location, as shown in the logs:

  I1030 16:15:38.167752  3100 cached_agent_glog_reporter.cpp:32]
  CachedAgent::authenticate_request_with_parameters: Application pid:
  27975 Application uid: 32011 Application id:  com.nokia.heremaps_here
  Cached request:   Request(from: com.nokia.heremaps_here, feature: 0,
  when: 1414682114882519283, answer: granted)

  I confirmed that the trust store had recorded the authorization change
  as in:

  phablet@ubuntu-phablet:~$ sqlite3 ~/.local/share/UbuntuLocationService/trust.db "select * from requests"
  1|unconfined|0|1414098093331252474|1
  2|com.nokia.heremaps_here|0|1414682114882519283|1
  3|com.nokia.heremaps_here|0|1414682131206341515|0

  From a user's perspective: Despite having explicitly rejected trust to
  an application, the app would still be able to access services.

To manage notifications about this bug go to:
https://bugs.launchpad.net/trust-store/+bug/1387734/+subscriptions

References

[Bug 1387734] [NEW] Location service uses the cached authorization, even if the user denied location access to an app
From: David Barth, 2014-10-30