ubuntu-phone team mailing list archive

[Alex Chiang <achiang@xxxxxxxxxxxxx>]

* Cláudio Sampaio <patola@xxxxxxxxx>:
> I also have one general question.
> 
> Isn't Ubuntu Touch going to present a "capabilities" layer,
> much like that of Android or Blackberry, that says what the
> application can/will do? "Acess the network", "store files",
> "read the SMS", "change the configuration" and so on. Like a
> dumbed-down version of AppArmor or SELinux.

I am fairly certain we'll be using AppArmor, but whether we
present any UI to the users or not is still an open question.

Asking for users for app permissions on Android is an utter
disaster, IMHO. Approximately no one reads them, and it's just
one more annoying dialog box to taptaptaptap "ok just give me my
app".

Even worse, because no one reads them, it arguably leads to worse
security because now a malicious keyboard app could request
permission for front camera and internet and fine-grained
location and the user would never notice because he/she is just
tapping through what I like to call the "whatever dialog".

As in, "whatever, give me my bouncing cows!"

That being said, I think it would be useful to show the
permissions granted to an app *after* it has been installed, if
the user is curious and digs into the app's 'about' menu (or
similar, standard UI).

In that scenario, the user is clearly intending to read some
details about the app and we should show the permissions granted.

> Android currently shows this to the user, but he is not able to
> block particular capabilities of the application and if Ubuntu
> Touch is able to allow it, it would be a darned good
> differential.

That would be a nice feature indeed. Perhaps in the magical UI I
invented above, that would be a good place to revoke individual
fine-grained permissions.

/ac