[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] gnu: Add GeoClue desktop service.

From: Andy Wingo
Subject: Re: [PATCH] gnu: Add GeoClue desktop service.
Date: Mon, 24 Aug 2015 10:23:40 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux)

On Sun 23 Aug 2015 23:40, address@hidden (Ludovic Courtès) writes:

> Andy Wingo <address@hidden> skribis:
>> On Thu 20 Aug 2015 17:09, address@hidden (Ludovic Courtès) writes:
>>>> address@hidden {Scheme Variable} %standard-geoclue-applications
>>>> +The standard list of well-known GeoClue application configurations,
>>>> +granting authority to GNOME's date-and-time utility to ask for the
>>>> +current location in order to set the time zone, and allowing the Firefox
>>>> +(IceCat) and Epiphany web browsers to request location information.
>>>> +Firefox and Epiphany both query the user before allowing a web page to
>>>> +know the user's location.
>>>> address@hidden defvr
>>> Does that mean that all these applications get blanket access to
>>> location info, and just happen to be nice enough to ask the user?
>>> If the answer is yes, I would rather remove the Web browsers from this
>>> list by default.
>> I think that's right.  I'm still figuring some of this out :P But yeah,
>> I think the reasoning is that since web browsers ask you already, don't
>> default to giving the web access, and you already trust the web browser
>> in other ways, that this is a reasonable default that prevents
>> double-asking.
> OK.  But then that raises the question of how applications are
> authenticated: if I call my binary ‘epiphany’, will GeoClue consider it
> to be the authorized application?  (Sorry for the newbie question...)

I think the name is taken from the .desktop files -- which is to say,
geoclue trusts the application to be who it says it is.

>> I guess ideally it would be going through policykit and asking the user
>> through the session manager.  Maybe that's a TODO; dunno.
> My only concern is to make sure the default settings are
> privacy-preserving.  I realize that’s a question that goes beyond GuixSD
> itself though.

There are unknowns for me too here, I am also a newbie.  I was just
packaging things :)

However it seems to me that you don't need a location service to get
your location -- any app has basically the right privileges to grovel
through things on its own, either through geo-IP things or via seeing
what wireless hotspots are around, etc.  This is what Chromium does for
example.  The model isn't "an app will never know my location unless
geoclue authorizes it".  It's more like "users sometimes want their apps
to know the user's location, and geoclue can do a good efficient job at
it instead of making each app roll its own implementation".

But when GeoClue requests authorization, it does so by sending a request
to the object installed at /org/freedesktop/GeoClue2/Agent on the system
bus.  GNOME Shell installs an object there; presumably it uses an
overlay dialog to ask the user for permission.  I'm not sure how it
works in multi-user setups.  Without an object installed there I don't
know how things work, or if apps that aren't whitelisted work at all.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]