ubuntu-phone team mailing list archive

Re: Need picture_files policy in mg app

 

On Monday 16 September 2013 08:53:34 Sergio Schvezov wrote:
> On Sun, Sep 15, 2013 at 5:33 PM, Michael Zanetti <michael.zanetti@xxxxxxxxxxxxx> wrote:
> > On Sunday 15 September 2013 18:33:45 Thomas Voß wrote:
> > > [...]
> > > 
> > > > Hmm, I could think of lots of use cases to display pictures from the
> > > > pictures folder within an app. For example image manipulation programs
> > > > could import them, social media apps could want to share them (e.g.
> > > > attached to a blog post), chat applications to select an avatar etc.
> > > 
> > > While the filesystem might have such a folder, the intended way to
> > > solve the use-cases you are mentioning above is the
> > > content-picking/sharing infrastructure.
> > > 
> > > > I think that an app should not be able to access other app's pictures
> > > > (e.g. stored in /home/phablet/.cache/$APPID/ ) but accessing the common
> > > > pictures folder is probably a must-have in the long run, no?
> > > 
> > > Well, the confinement approach basically says: There is no content on
> > > the phone that is not owned by an app. With that, the pictures folder
> > > would be owned by the default Gallery application and thus,
> > > confinement rules would apply again.
> > 
> > With that not even the integrated camera-app would be able to store
> > pictures into it, no?
> 
> Yes and no,
> 
> root@ubuntu-phablet:/# cat /usr/share/apparmor/easyprof/policygroups/ubuntu/1.0/picture_files
> # Description: Can read and write to picture files. This policy group is
> #  reserved for certain applications, such as gallery applications.
> #  Developers should typically use the content_exchange policy group and
> #  API to access picture files instead.
> # Usage: reserved
> owner @{HOME}/Pictures/   r,
> owner @{HOME}/Pictures/** rwk,
> 
> root@ubuntu-phablet:/# cat /usr/share/apparmor/easyprof/policygroups/ubuntu/1.0/picture_files_read
> # Description: Can read all picture files. This policy group is reserved
> #  for certain applications, such as gallery applications. Developers
> #  should typically use the content_exchange policy group and API to
> #  access picture files instead.
> # Usage: reserved
> owner @{HOME}/Pictures/   r,
> owner @{HOME}/Pictures/** r,
> 
> > > I'm trying to understand this app's concrete use-case better to
> > > propose a way forward.
> > 
> > But somehow there must be a way to exchange data between apps I think.
> > 
> > Also stuff like music files can't be owned by one music player without
> > access for others. How would you write an app that can stream your
> > music/video files via DLNA? Or just an alternative music player?
> 
> root@ubuntu-phablet:/# cat /usr/share/apparmor/easyprof/policygroups/ubuntu/1.0/music_files
> # Description: Can read and write to music files. This policy group is
> #  reserved for certain applications, such as music players. Developers
> #  should typically use the content_exchange policy group and API to
> #  access music files instead.
> # Usage: reserved
> owner @{HOME}/Music/   r,
> owner @{HOME}/Music/** rwk,
> 
> root@ubuntu-phablet:/# cat /usr/share/apparmor/easyprof/policygroups/ubuntu/1.0/music_files_read
> # Description: Can read all music files. This policy group is reserved
> #  for certain applications, such as music players. Developers should
> #  typically use the content_exchange policy group and API to access
> #  music files instead.
> # Usage: reserved
> owner @{HOME}/Music/   r,
> owner @{HOME}/Music/** r,
> 
> > Another use case would be some application that can create pictures. For
> > example some pimped camera app, or some avatar creation app. It should be
> > possible to save that to the same location as the other pictures.
> 
> Those rules allow you to do that, and they are created specifically for
> this, but they are reserved so you may or may not make it into the store.

Thanks Sergio,

this answers my questions. I agree that not all apps should be able to do this 
kind of stuff. 

Cheers,
Michael
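
Added example, not part of the original thread and not code from the Ubuntu or AppArmor projects: a small reviewer's script that parses the four policy groups quoted above and reports, per group, its Usage class, which paths it lets an app write to, and whether every rule is owner-scoped. The function names and report layout are hypothetical; the rule and header syntax is taken only from the files as quoted in the message.

```python
import re

# Usage lines and rules copied from the four policy groups quoted in the
# message above; their Description comments are left out here for brevity.
POLICY_GROUPS = {
    "picture_files": "# Usage: reserved\n"
                     "owner @{HOME}/Pictures/   r,\nowner @{HOME}/Pictures/** rwk,\n",
    "picture_files_read": "# Usage: reserved\n"
                          "owner @{HOME}/Pictures/   r,\nowner @{HOME}/Pictures/** r,\n",
    "music_files": "# Usage: reserved\n"
                   "owner @{HOME}/Music/   r,\nowner @{HOME}/Music/** rwk,\n",
    "music_files_read": "# Usage: reserved\n"
                        "owner @{HOME}/Music/   r,\nowner @{HOME}/Music/** r,\n",
}

USAGE_RE = re.compile(r"^#\s*Usage:\s*(\S+)")
# "[owner] <path> <perms>," as in the quoted files (r = read, w = write, k = lock).
RULE_RE = re.compile(r"^(?P<owner>owner\s+)?(?P<path>\S+)\s+(?P<perms>[a-z]+),$")


def parse_policy_group(text):
    """Return (usage, rules); each rule is (owner_scoped, path, set_of_perms)."""
    usage, rules = None, []
    for raw in text.splitlines():
        line = raw.strip()
        m = USAGE_RE.match(line)
        if m:
            usage = m.group(1)
        elif line and not line.startswith("#"):
            m = RULE_RE.match(line)
            if m is None:  # fail closed on syntax this sketch does not cover
                raise ValueError("unrecognised rule: %r" % raw)
            rules.append((bool(m.group("owner")), m.group("path"),
                          set(m.group("perms"))))
    return usage, rules


def review(groups):
    """Summarise each group: usage class, writable paths, non-owner rules."""
    report = {}
    for name, text in groups.items():
        usage, rules = parse_policy_group(text)
        report[name] = {
            "usage": usage,
            "writable": sorted(p for _, p, perms in rules if "w" in perms),
            "not_owner_scoped": sorted(p for own, p, _ in rules if not own),
        }
    return report


if __name__ == "__main__":
    for name, finding in review(POLICY_GROUPS).items():
        print(name, finding)
```
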