ubuntu-phone team mailing list archive

[Jamie Strandboge <jamie@xxxxxxxxxxxxx>]

On 03/27/2014 09:59 AM, Daniel Holbach wrote:
> Hello everybody,
> 
> right now we have a couple of work items which block apps using certain policy
> groups. Up until now we have allowed some (trusted) apps into the store which
> make use of that functionality. Other apps we had to keep on hold. This is not
> ideal, as we basically have to tell app developers to not use some of our APIs.
> 
> Do we have some estimates for the following bugs or are they on a priority list
> somewhere?
> 
...

>  - Webview: LP: #1260103 and LP: #1260090

Webview is a 'common' policy group and people may freely use it now, but people
have to use the 1.1 version of the policy with the ubuntu-sdk-14.04* framework.
There are bugs we want to fix; for the ones you mentioned:

LP: #1260103 - this will be an improvement going forward and is no different
than LP: #1197060, which we haven't blocked on

LP: #1260090 - this is not a blocker, it is just a bug and worked around in the
current policy group

There are others:
LP: #1260048 - this needs to be fixed, but I am going to be adjusting policy for
it so it is just an information leak as opposed to an attack vector. That should
happen in apparmor-easyprof-ubuntu 1.1.11. We shouldn't block on this because I
am fixing the policy now

LP: #1288815 - UbuntuWebview should not use ~/.local/share/Qt Project
(webbrowser-app) - shouldn't block because the path is currently denied anyway--
apps just won't work correctly.


Finally, while not blocking app developers atm, I'm also curious about:
LP: #1224756 - Pulseaudio should integrate with trust-store (but please read the
whole bug, esp comment #14)
LP: #1230391 - please provide visual cue during background recording (pulseaudio)

-- 
Jamie Strandboge                 http://www.ubuntu.com/

Attachment: signature.asc
Description: OpenPGP digital signature