Public bug reported:

The trust-store currently caches the full APP_ID. For most trusted
helpers this will likely result in too many prompts (e.g., an app that is
frequently updated will require users to answer questions they
previously answered). In addition to a less than ideal user experience,
it also desensitizes the user wrt the prompting. We should strive to
prompt just enough and at the right time.

Per the security team, trust-store should by default use versionless
caching, with the option to use the version for those trusted helpers
that may need it. As such, if the APP_ID is
'<pkgname>_<appname>_<version>', then by default the user should be
prompted for '<pkgname>_<appname>', and this is the value that should be
cached. Precaching should also support this. It should be easy for a
trusted helper to opt into using a version if that is needed.

Note: versionless caching does mean that an earlier version of an app
might have one set of permissions and then a later version might have
expanded permissions which could somehow expose the now cached access to
information. Users aren't expected to review app security policy though
and as such, prompting on version doesn't actually solve this. Users
sensitive to this issue are in a position to revoke trust-store
permissions and to apply policy group overrides. If it is determined
that versionless caching with expanding future permissions is a real
concern, the trust-store can be adjusted to cache the click security
policy from /var/lib/apparmor/clicks of the connecting app as well, and
only reprompt if it changes.

** Affects: trust-store
     Importance: Undecided
         Status: New

** Affects: trust-store (Ubuntu)
     Importance: Critical
         Status: New


** Tags: rtm14

** Tags added: rtm14

** Also affects: trust-store (Ubuntu)
   Importance: Undecided
       Status: New

** Changed in: trust-store (Ubuntu)
   Importance: Undecided => Critical

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1356343

Title:
  please support versionless APP_ID caching/precaching

To manage notifications about this bug go to:
https://bugs.launchpad.net/trust-store/+bug/1356343/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
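
The caching behaviour requested in the report above, sketched as an added example (not trust-store's own code): versionless keys by default, an opt-in for versioned keys, and the policy-change reprompt the note proposes as a fallback. The names `cache_key`, `TrustCache`, `use_version` and `track_policy` are hypothetical, the APP_ID is assumed to have exactly three underscore-separated fields, the policy is passed in as bytes rather than read from disk, and the sample ids and policies are constructed.

```python
import hashlib

def cache_key(app_id, use_version=False):
    """Map '<pkgname>_<appname>_<version>' to the key the answer is cached under."""
    parts = app_id.split("_")
    # Assumption: exactly three non-empty, underscore-separated fields.
    if len(parts) != 3 or not all(parts):
        raise ValueError("malformed APP_ID: %r" % app_id)
    return app_id if use_version else "_".join(parts[:2])

class TrustCache:
    """Hypothetical in-memory answer cache for one trusted helper."""

    def __init__(self, use_version=False, track_policy=False):
        self.use_version = use_version    # opt-in: prompt again per version
        self.track_policy = track_policy  # opt-in: prompt again when policy changes
        self._answers = {}                # cache key -> (granted, policy digest)

    def _digest(self, policy):
        return hashlib.sha256(policy).hexdigest() if self.track_policy else None

    def store(self, app_id, granted, policy=b""):
        key = cache_key(app_id, self.use_version)
        self._answers[key] = (granted, self._digest(policy))

    def lookup(self, app_id, policy=b""):
        """Return the cached answer, or None when the user must be prompted."""
        entry = self._answers.get(cache_key(app_id, self.use_version))
        if entry is None:
            return None
        granted, digest = entry
        # A changed security policy invalidates the earlier answer.
        return granted if digest == self._digest(policy) else None

if __name__ == "__main__":
    # Constructed sample ids and policies.
    OLD = b'{"policy_groups": ["networking"]}'
    NEW = b'{"policy_groups": ["networking", "location"]}'
    cache = TrustCache(track_policy=True)
    cache.store("com.example.demo_demo_1.0", True, OLD)
    print(cache.lookup("com.example.demo_demo_1.1", OLD))  # True
    print(cache.lookup("com.example.demo_demo_1.1", NEW))  # None
```

A denied answer is cached as `False`, which stays distinct from `None` (no usable answer, so prompt).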
