Code review comment for lp:~ken-vandine/content-hub/url-dispatcher

Michael Sheldon (michael-sheldon) wrote :

This doesn't appear to obey apparmor profiles, so as it stands this could potentially give unrestricted access to all files owned by the phablet user.

For example, creating a simple QML app that calls:

Qt.openUrlExternally("content:?pkg=com.ubuntu.developer.ken-vandine.hub-importer&url=file:///home/phablet/.ssh/known_hosts");

will result in a user's SSH known_hosts file being sent to the hub-importer app (but potentially an app could be using this to send files directly back to itself, and it could be grabbing much more important files if they exist, like ~/.ssh/id_rsa).

Unfortunately I don't think applying the apparmor profile of the app which called url-dispatcher will be enough either, as a malicious developer could create a website like http://mikeasoft.com/~mike/urlhack.php which does a header redirect to "content:?pkg=com.ubuntu.developer.ken-vandine.hub-importer&url=file:///home/phablet/.ssh/known_hosts". They would then call Qt.openUrlExternally("http://mikeasoft.com/~mike/urlhack.php") in their app, which would launch the web browser. The urlhack page would then cause the web browser to issue the request to the url-dispatcher instead of the originating app, and since the web browser is unconfined this would again provide a mechanism for accessing all of a user's files from a confined app.

review: Needs Fixing
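A defender-side check of the kind this review is asking for, added here as an illustration and not content-hub's or url-dispatcher's own code: it parses the content:?pkg=...&url=... shape quoted in the comment and accepts a file: target only when its resolved path lies inside one of the calling app's own export directories. The list of export directories is an assumed input (the real policy lookup against the caller's confinement is not shown), and the sample URLs are constructed. It goes beyond the single case in the comment by also rejecting path traversal and non-file targets.

```python
import os
from urllib.parse import parse_qs, unquote, urlsplit

# Hypothetical validator: not content-hub code. Decides whether a content:
# URL may hand a file to the named package, given the directories the
# *caller* is allowed to export from (assumed to come from its confinement
# policy, looked up elsewhere).


def parse_content_url(url):
    """Split 'content:?pkg=<id>&url=<target>' into (pkg, target)."""
    parts = urlsplit(url)
    if parts.scheme != "content":
        raise ValueError("not a content: URL")
    qs = parse_qs(parts.query)
    pkg = qs.get("pkg", [None])[0]
    target = qs.get("url", [None])[0]
    if not pkg or not target:
        raise ValueError("missing pkg or url parameter")
    return pkg, target


def path_within(path, root):
    """True if the normalised, symlink-resolved path is under root."""
    real = os.path.realpath(path)
    root_real = os.path.realpath(root)
    return os.path.commonpath([real, root_real]) == root_real


def check_export_allowed(content_url, caller_export_dirs):
    """Return (allowed, reason).

    Only local file: targets whose resolved path sits inside one of the
    caller's export directories are accepted; anything else (remote file
    URLs, other schemes, traversal out of the directory, dotfiles such as
    ~/.ssh/known_hosts) is refused.
    """
    pkg, target = parse_content_url(content_url)
    t = urlsplit(target)
    if t.scheme != "file":
        return False, "only file: targets are accepted"
    if t.netloc not in ("", "localhost"):
        return False, "remote file URL refused"
    path = unquote(t.path)
    for root in caller_export_dirs:
        if path_within(path, root):
            return True, "export to %s from %s" % (pkg, root)
    return False, "path outside the caller's export directories"


# Constructed inputs: the URL from the review, and an app-owned directory.
KNOWN_HOSTS_URL = (
    "content:?pkg=com.ubuntu.developer.ken-vandine.hub-importer"
    "&url=file:///home/phablet/.ssh/known_hosts"
)
TRAVERSAL_URL = (
    "content:?pkg=com.ubuntu.developer.ken-vandine.hub-importer"
    "&url=file:///home/phablet/Pictures/../.ssh/id_rsa"
)
OK_URL = (
    "content:?pkg=com.ubuntu.developer.ken-vandine.hub-importer"
    "&url=file:///home/phablet/Pictures/holiday.jpg"
)
CALLER_DIRS = ["/home/phablet/Pictures"]  # assumed policy for the caller

if __name__ == "__main__":
    for u in (KNOWN_HOSTS_URL, TRAVERSAL_URL, OK_URL):
        print(u.split("url=")[1], "->", check_export_allowed(u, CALLER_DIRS))
```

As the comment above points out, a check like this is only as strong as the identity of the caller: when the request reaches the dispatcher through an unconfined web browser following a redirect, the export directories consulted must be the browser's, not those of the app that opened the page, so the path check alone does not close the redirect route.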
