ubuntu-appstore-developers team mailing list archive

Re: icon files in click packages

 

On 09/05/2013 10:10 PM, Ted Gould wrote:
> On Thu, 2013-09-05 at 19:19 +0200, David Barth wrote:
>> (sorry if this has been asked before, I couldn't see it in the archive)
>>
>> Is there a plan for click to install icon files into 
>> ~/.local/share/icons (the same way it deals with .desktop files)?
>>
>> Or if it's not considered OK, what would be the recommended way for apps 
>> to place and lookup icons contained in the click package installation dir?
> 
> I don't think we have a good answer here.  When Colin and I were comparing
> desktop hooks we even handled the application icon slightly differently.  I
> handled it like a name, and didn't adjust it any, and he handled it like a file
> and added the path.  His way doesn't allow for multiple sizes, and my way
> probably breaks common usage.  I don't think we've properly closed that issue.
> 
> I worry about installing icons in a common directory just because those icons
> would be loaded by another process.  I think most applications would be better
> off just having their icons, themed or any other way, included in their click
> package and loading that into their application's icon search paths.  They
> should be able to know the base package directory by looking at the current
> working directory on startup.
> 
> Which brings up an interesting attack possibility.  An application with a
> corrupted application icon that gets loaded directly by Unity.  You wouldn't
> even need to have the app installed as browsing through the click scope would be
> enough.  Most icon loaders should be pretty robust by now...
> 

Yes, this is something I considered. For now I think we just have to treat that
as a security vulnerability in Unity/the underlying libraries like we do now.
Ultimately, I think we should probably handle it like gettext and the
infographic-- icon loading is handled in a separate process with an apparmor
profile and ideally seccomp. Do you know otoh what I should file this wishlist
bug against?

-- 
Jamie Strandboge                 http://www.ubuntu.com/
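
The idea in the reply above, parsing untrusted icon data in a separate process confined with seccomp, as an added example that is not part of the original message and not Unity or click code. The function name `sandboxed_icon_width`, the 4096-pixel limit and the PNG header check standing in for a full decoder are assumptions; only the seccomp half is shown, with no AppArmor profile.

```c
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>

/* Constructed samples: PNG signature, IHDR length 13, then width 48 / width 0. */
static const unsigned char ICON_OK[]  = "\x89PNG\r\n\x1a\n\0\0\0\rIHDR\0\0\0\x30\0\0\0\x30";
static const unsigned char ICON_BAD[] = "\x89PNG\r\n\x1a\n\0\0\0\rIHDR\0\0\0\0\0\0\0\x30";

/* seccomp allowlist: write, exit, exit_group; any other syscall kills the child.
   (A production filter would also check seccomp_data.arch.) */
static int lock_down(void) {
    struct sock_filter f[] = {
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, __NR_write, 3, 0),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, __NR_exit, 2, 0),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, __NR_exit_group, 1, 0),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
    };
    struct sock_fprog prog = { sizeof f / sizeof f[0], f };
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0)) return -1;
    return prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog);
}

/* Returns the icon width (1..4096) parsed in a sandboxed child, or -1. */
int sandboxed_icon_width(const unsigned char *buf, size_t len) {
    int p[2], st; uint32_t w = 0;
    if (pipe(p)) return -1;
    pid_t pid = fork();
    if (pid < 0) { close(p[0]); close(p[1]); return -1; }
    if (pid == 0) {                     /* untrusted bytes are only parsed here */
        if (lock_down()) _exit(2);      /* fail closed: no sandbox, no parse */
        if (len < 24 || memcmp(buf, "\x89PNG\r\n\x1a\n", 8) || memcmp(buf + 12, "IHDR", 4))
            _exit(1);
        w = (uint32_t)buf[16] << 24 | buf[17] << 16 | buf[18] << 8 | buf[19];
        _exit(write(p[1], &w, sizeof w) == (ssize_t)sizeof w ? 0 : 1);
    }
    close(p[1]);
    ssize_t n = read(p[0], &w, sizeof w);
    close(p[0]);
    if (waitpid(pid, &st, 0) != pid) return -1;
    /* A killed or crashed decoder just means a rejected icon. */
    if (!WIFEXITED(st) || WEXITSTATUS(st) != 0 || n != (ssize_t)sizeof w) return -1;
    return (w >= 1 && w <= 4096) ? (int)w : -1;  /* parent re-validates child output */
}
```

The parent treats the child's output as untrusted too, so a decoder that is compromised before it exits can at most report a width inside the allowed range.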
