apparmor-easyprof-ubuntu

Merge lp:~ken-vandine/apparmor-easyprof-ubuntu/pasteboard into lp:apparmor-easyprof-ubuntu

  1. pasteboard
  2. Merge into trunk
Proposed by Ken VanDine
Status: Merged
Merged at revision: 54
Proposed branch: lp:~ken-vandine/apparmor-easyprof-ubuntu/pasteboard
Merge into: lp:apparmor-easyprof-ubuntu
Diff against target: 214 lines (+160/-0)
5 files modified
data/templates/ubuntu/1.0/ubuntu-sdk (+32/-0)
data/templates/ubuntu/1.0/ubuntu-webapp (+32/-0)
data/templates/ubuntu/1.1/ubuntu-sdk (+32/-0)
data/templates/ubuntu/1.1/ubuntu-webapp (+32/-0)
data/templates/ubuntu/1.3/ubuntu-sdk (+32/-0)
To merge this branch: bzr merge lp:~ken-vandine/apparmor-easyprof-ubuntu/pasteboard
Reviewer Review Type Date Requested Status
Pat McGowan (community) Approve
Jamie Strandboge (community) Needs Information
Review via email: mp+301506@code.launchpad.net

Commit message

Added access to content-hub's Pasteboard

Description of the change

Added access to content-hub's Pasteboard

To post a comment you must log in.
lp:~ken-vandine/apparmor-easyprof-ubuntu/pasteboard updated
51. By Ken VanDine

Dropped object paths for paste, we check for app focus to control access

Revision history for this message
Jamie Strandboge (jdstrand) wrote :

The policy looks ok, assuming that the content service doesn't allow clicks from grabbing the clipboard from other processes. Can you comment on that?

Beyond that, this will trigger a recompile for all clicks that use the default template. Pat McGowan needs to approve that this is ok.

Has the pasteboard been backported to previous frameworks? If so, you should apply these to those as well.

Is the ubuntu-sdk template the correct place for this? Should it be part of content-hub?

If this is only for the template, is this useful to more than just ubuntu-sdk apps? What about scopes? webapps? If so, then this should be applied to those templates as well.

Is this targeted for the stable overlays? If so, please also target at:
https://code.launchpad.net/~ubuntu-security/apparmor-easyprof-ubuntu/1.3-stable-phone-overlay
https://code.launchpad.net/~ubuntu-security/apparmor-easyprof-ubuntu/16.04-stable-phone-overlay

Thanks!

review: Needs Information
Revision history for this message
Ken VanDine (ken-vandine) wrote :

> The policy looks ok, assuming that the content service doesn't allow clicks
> from grabbing the clipboard from other processes. Can you comment on that?

This is the backend used by qtubuntu and libertine to share clipboard contents. We allow the process that has focus to access the top item on the clipboard. We use Unity8's isPidFocused API to control access.

> Beyond that, this will trigger a recompile for all clicks that use the default
> template. Pat McGowan needs to approve that this is ok.
>
> Has the pasteboard been backported to previous frameworks? If so, you should
> apply these to those as well.

Apps won't directly talk to the pasteboard, that is handled by qtubuntu. So app developers won't see a difference.

> Is the ubuntu-sdk template the correct place for this? Should it be part of
> content-hub?

We need all apps to have access, so we don't want apps to need to add content_exchange policy to have basic copy/paste support.

> If this is only for the template, is this useful to more than just ubuntu-sdk
> apps? What about scopes? webapps? If so, then this should be applied to those
> templates as well.

Good point, I thought ubuntu-sdk was the base of all things. I guess I was wrong, I'll add it to other templates as well.

> Is this targeted for the stable overlays? If so, please also target at:
> https://code.launchpad.net/~ubuntu-security/apparmor-easyprof-ubuntu/1.3
> -stable-phone-overlay
> https://code.launchpad.net/~ubuntu-security/apparmor-easyprof-ubuntu/16.04
> -stable-phone-overlay

Yes, does that mean we can't land this with our standard landing process? I'll propose branches to those as well.
>
> Thanks!

lp:~ken-vandine/apparmor-easyprof-ubuntu/pasteboard updated
52. By Ken VanDine

Allow pasteboard access to ubuntu-webapp as well

Revision history for this message
Ken VanDine (ken-vandine) wrote :

Merge proposals for the other requested branches:

https://code.launchpad.net/~ken-vandine/apparmor-easyprof-ubuntu/1.3-stable-phone-overlay_pasteboard/+merge/301793

https://code.launchpad.net/~ken-vandine/apparmor-easyprof-ubuntu/1.3-stable-phone-overlay_pasteboard/+merge/301793

Revision history for this message
Pat McGowan (pat-mcgowan) wrote :

The policy recompile is fine
Need to check if any other such changes are queued, good to add them now

review: Approve
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

"This is the backend used by qtubuntu and libertine to share clipboard contents. We allow the process that has focus to access the top item on the clipboard. We use Unity8's isPidFocused API to control access."

PIDs are racy. Has a member of the security team taken a look at this? If not, I suggested asking Tyler and Emily to look at it/assign someone.

Revision history for this message
Jamie Strandboge (jdstrand) wrote :

> Apps won't directly talk to the pasteboard, that is handled by qtubuntu. So app developers won't see a difference.

Does that mean it is available to earlier frameworks for free? If so, please adjust the templates for 1.0-1.2 as well.

> > Is the ubuntu-sdk template the correct place for this? Should it be part of
> > content-hub?
> >
> We need all apps to have access, so we don't want apps to need to add
> content_exchange policy to have basic copy/paste support.

Ok

> Yes, does that mean we can't land this with our standard landing process?
> I'll propose branches to those as well.

You can't build apparmor-easyprof-ubuntu from a branch, but once the MPs are approved and committed, you can create source packages that you can upload to your silos (the citrain has processes for this).

lp:~ken-vandine/apparmor-easyprof-ubuntu/pasteboard updated
53. By Ken VanDine

Added pasteboard access for 1.0 and 1.1

54. By Ken VanDine

Dropped duplicated pasteboard in ubuntu-webapp

Revision history for this message
Ken VanDine (ken-vandine) wrote :

> "This is the backend used by qtubuntu and libertine to share clipboard
> contents. We allow the process that has focus to access the top item on the
> clipboard. We use Unity8's isPidFocused API to control access."
>
> PIDs are racy. Has a member of the security team taken a look at this? If not,
> I suggested asking Tyler and Emily to look at it/assign someone.

It's the same API used by the keyboard now, I'll check to see if that was reviewed.

Revision history for this message
Tyler Hicks (tyhicks) wrote :

> > "This is the backend used by qtubuntu and libertine to share clipboard
> > contents. We allow the process that has focus to access the top item on the
> > clipboard. We use Unity8's isPidFocused API to control access."
> >
> > PIDs are racy. Has a member of the security team taken a look at this? If
> not,
> > I suggested asking Tyler and Emily to look at it/assign someone.
>
> It's the same API used by the keyboard now, I'll check to see if that was
> reviewed.

I reviewed maliit's use of isPidFocused() here:

  https://code.launchpad.net/~michael-sheldon/maliit/obey-unity8-focus/+merge/298312

Revision history for this message
Tyler Hicks (tyhicks) wrote :

Ubuntu Security needs to review the clipboard MP (https://code.launchpad.net/~ken-vandine/content-hub/pasteboard/+merge/296352). We've been involved in the design stages but were not aware that an implementation existed and was ready to be merged.

lp:~ken-vandine/apparmor-easyprof-ubuntu/pasteboard updated
55. By Ken VanDine

Specify path for access to pasteboard

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'data/templates/ubuntu/1.0/ubuntu-sdk'
2--- data/templates/ubuntu/1.0/ubuntu-sdk 2016-08-25 17:22:06 +0000
3+++ data/templates/ubuntu/1.0/ubuntu-sdk 2016-08-25 17:49:25 +0000
4@@ -235,6 +235,38 @@
5 deny dbus (bind)
6 name="org.freedesktop.Application",
7
8+ # Allow access to the PasteBoard
9+ dbus (receive, send)
10+ bus=session
11+ interface="com.ubuntu.content.dbus.Service"
12+ path="/"
13+ member="CreatePaste"
14+ peer=(label=unconfined),
15+ dbus (receive, send)
16+ bus=session
17+ interface="com.ubuntu.content.dbus.Service"
18+ path="/"
19+ member="GetPasteData"
20+ peer=(label=unconfined),
21+ dbus (receive, send)
22+ bus=session
23+ interface="com.ubuntu.content.dbus.Service"
24+ path="/"
25+ member="GetLatestPasteData"
26+ peer=(label=unconfined),
27+ dbus (receive, send)
28+ bus=session
29+ interface="com.ubuntu.content.dbus.Service"
30+ path="/"
31+ member="PasteFormats"
32+ peer=(label=unconfined),
33+ dbus (receive)
34+ bus=session
35+ interface="com.ubuntu.content.dbus.Service"
36+ path="/"
37+ member="PasteFormatsChanged"
38+ peer=(label=unconfined),
39+
40 #
41 # end DBus rules common for all apps
42 #
43
44=== modified file 'data/templates/ubuntu/1.0/ubuntu-webapp'
45--- data/templates/ubuntu/1.0/ubuntu-webapp 2016-08-25 17:22:06 +0000
46+++ data/templates/ubuntu/1.0/ubuntu-webapp 2016-08-25 17:49:25 +0000
47@@ -208,6 +208,38 @@
48 deny dbus (bind)
49 name="org.freedesktop.Application",
50
51+ # Allow access to the PasteBoard
52+ dbus (receive, send)
53+ bus=session
54+ interface="com.ubuntu.content.dbus.Service"
55+ path="/"
56+ member="CreatePaste"
57+ peer=(label=unconfined),
58+ dbus (receive, send)
59+ bus=session
60+ interface="com.ubuntu.content.dbus.Service"
61+ path="/"
62+ member="GetPasteData"
63+ peer=(label=unconfined),
64+ dbus (receive, send)
65+ bus=session
66+ interface="com.ubuntu.content.dbus.Service"
67+ path="/"
68+ member="GetLatestPasteData"
69+ peer=(label=unconfined),
70+ dbus (receive, send)
71+ bus=session
72+ interface="com.ubuntu.content.dbus.Service"
73+ path="/"
74+ member="PasteFormats"
75+ peer=(label=unconfined),
76+ dbus (receive)
77+ bus=session
78+ interface="com.ubuntu.content.dbus.Service"
79+ path="/"
80+ member="PasteFormatsChanged"
81+ peer=(label=unconfined),
82+
83 #
84 # end DBus rules common for all webapps
85 #
86
87=== modified file 'data/templates/ubuntu/1.1/ubuntu-sdk'
88--- data/templates/ubuntu/1.1/ubuntu-sdk 2016-08-25 17:22:06 +0000
89+++ data/templates/ubuntu/1.1/ubuntu-sdk 2016-08-25 17:49:25 +0000
90@@ -230,6 +230,38 @@
91 deny dbus (bind)
92 name="org.freedesktop.Application",
93
94+ # Allow access to the PasteBoard
95+ dbus (receive, send)
96+ bus=session
97+ interface="com.ubuntu.content.dbus.Service"
98+ path="/"
99+ member="CreatePaste"
100+ peer=(label=unconfined),
101+ dbus (receive, send)
102+ bus=session
103+ interface="com.ubuntu.content.dbus.Service"
104+ path="/"
105+ member="GetPasteData"
106+ peer=(label=unconfined),
107+ dbus (receive, send)
108+ bus=session
109+ interface="com.ubuntu.content.dbus.Service"
110+ path="/"
111+ member="GetLatestPasteData"
112+ peer=(label=unconfined),
113+ dbus (receive, send)
114+ bus=session
115+ interface="com.ubuntu.content.dbus.Service"
116+ path="/"
117+ member="PasteFormats"
118+ peer=(label=unconfined),
119+ dbus (receive)
120+ bus=session
121+ interface="com.ubuntu.content.dbus.Service"
122+ path="/"
123+ member="PasteFormatsChanged"
124+ peer=(label=unconfined),
125+
126 #
127 # end DBus rules common for all apps
128 #
129
130=== modified file 'data/templates/ubuntu/1.1/ubuntu-webapp'
131--- data/templates/ubuntu/1.1/ubuntu-webapp 2016-08-25 17:22:06 +0000
132+++ data/templates/ubuntu/1.1/ubuntu-webapp 2016-08-25 17:49:25 +0000
133@@ -211,6 +211,38 @@
134 deny dbus (bind)
135 name="org.freedesktop.Application",
136
137+ # Allow access to the PasteBoard
138+ dbus (receive, send)
139+ bus=session
140+ interface="com.ubuntu.content.dbus.Service"
141+ path="/"
142+ member="CreatePaste"
143+ peer=(label=unconfined),
144+ dbus (receive, send)
145+ bus=session
146+ interface="com.ubuntu.content.dbus.Service"
147+ path="/"
148+ member="GetPasteData"
149+ peer=(label=unconfined),
150+ dbus (receive, send)
151+ bus=session
152+ interface="com.ubuntu.content.dbus.Service"
153+ path="/"
154+ member="GetLatestPasteData"
155+ peer=(label=unconfined),
156+ dbus (receive, send)
157+ bus=session
158+ interface="com.ubuntu.content.dbus.Service"
159+ path="/"
160+ member="PasteFormats"
161+ peer=(label=unconfined),
162+ dbus (receive)
163+ bus=session
164+ interface="com.ubuntu.content.dbus.Service"
165+ path="/"
166+ member="PasteFormatsChanged"
167+ peer=(label=unconfined),
168+
169 #
170 # end DBus rules common for all webapps
171 #
172
173=== modified file 'data/templates/ubuntu/1.3/ubuntu-sdk'
174--- data/templates/ubuntu/1.3/ubuntu-sdk 2016-08-25 17:22:06 +0000
175+++ data/templates/ubuntu/1.3/ubuntu-sdk 2016-08-25 17:49:25 +0000
176@@ -230,6 +230,38 @@
177 deny dbus (bind)
178 name="org.freedesktop.Application",
179
180+ # Allow access to the PasteBoard
181+ dbus (receive, send)
182+ bus=session
183+ interface="com.ubuntu.content.dbus.Service"
184+ path="/"
185+ member="CreatePaste"
186+ peer=(label=unconfined),
187+ dbus (receive, send)
188+ bus=session
189+ interface="com.ubuntu.content.dbus.Service"
190+ path="/"
191+ member="GetPasteData"
192+ peer=(label=unconfined),
193+ dbus (receive, send)
194+ bus=session
195+ interface="com.ubuntu.content.dbus.Service"
196+ path="/"
197+ member="GetLatestPasteData"
198+ peer=(label=unconfined),
199+ dbus (receive, send)
200+ bus=session
201+ interface="com.ubuntu.content.dbus.Service"
202+ path="/"
203+ member="PasteFormats"
204+ peer=(label=unconfined),
205+ dbus (receive)
206+ bus=session
207+ interface="com.ubuntu.content.dbus.Service"
208+ path="/"
209+ member="PasteFormatsChanged"
210+ peer=(label=unconfined),
211+
212 #
213 # end DBus rules common for all apps
214 #

Subscribers

People subscribed via source and target branches