ubuntu-phone team mailing list archive

Thread
Date

Re: API to get contact avatar?

To: Roman Shchekin <mrqtros@xxxxxxxxx>
From: Renato Filho <renato.filho@xxxxxxxxxxxxx>
Date: Mon, 5 Oct 2015 10:09:16 -0300
Cc: ubuntu-phone <ubuntu-phone@xxxxxxxxxxxxxxxxxxx>
In-reply-to: <CADKf9eQAPkMq0TLHcek4bCJQS6Sx0Dgty9MNZ4s-+61MWQZA4g@mail.gmail.com>

Hi guys,

Just to be clear QtContacts is not available for confined apps. The
only way to retrieve contacts in a confined app is using content-hub
API. This will return a vcard file with all contact information
including the avatar image.

BR

On Fri, Oct 2, 2015 at 6:53 PM, Roman Shchekin <mrqtros@xxxxxxxxx> wrote:
>> For some people contacts is a a very personal/private data., and they
>> do not want applications reading, sharing, downloading, uploading it.
>
>
> It is not about security - it is about pain for developers. Malefactor will
> anyway find the way to stole contacts and etc. once you installed his app.
> So I think that Ubuntu Phone should stop trying to limit all of developer
> features. Just remeber old N9 - all was fine without special policies.
>
> 2015-10-02 21:31 GMT+03:00 Stefano Verzegnassi <stefano92.100@xxxxxxxxx>:
>>
>>
>> 2015-10-02 19:16 GMT+02:00 Roman Shchekin <mrqtros@xxxxxxxxx>:
>>>
>>> Qt contacts is limited? Why?
>>
>>
>> Suppose that there's a malicious app in the store that allows you to
>> download music from the web.
>> As far as I understand, this app could be able to secretely read all the
>> email addresses of your contacts and send them on the net for spamming.
>>
>> In this regards, I'd like to see some kind of "smart" click-review tool
>> when an application is uploaded into the store.
>> I mean, instead of having a set of "reserved" or "common" AppArmor
>> policies, each policy has a weighted score.
>> The click-review tool should check for a combination of these policies, in
>> order to define more precisely how much dangerous an app could be.
>>
>> For example, an app that has "networking" and "content_exchange" policies
>> could be potentially more dangerous than an app that has just a "read_path"
>> permission (which currently is not allowed) for "/proc/meminfo" (e.g. a task
>> manager).
>> Apps that have read-only access to user's Pictures folder, but has no
>> access to the net (e.g. a third-party image viewer or an image editor),
>> could be somehow considered safe instead.
>>
>> I may have written dumb things, but I'd like to hear if there's any plan
>> for having some less restricted policies in Ubuntu (Touch) and/or some
>> whitelisted paths under certain conditions.
>
>
>
> --
> Mailing list: https://launchpad.net/~ubuntu-phone
> Post to     : ubuntu-phone@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~ubuntu-phone
> More help   : https://help.launchpad.net/ListHelp
>

References

API to get contact avatar?
From: Jani Monoses, 2015-10-02
Re: API to get contact avatar?
From: Roman Shchekin, 2015-10-02
Re: API to get contact avatar?
From: Renato Filho, 2015-10-02
Re: API to get contact avatar?
From: Roman Shchekin, 2015-10-02
Re: API to get contact avatar?
From: Stefano Verzegnassi, 2015-10-02
Re: API to get contact avatar?
From: Roman Shchekin, 2015-10-02