Re: [PATCH] gnu: Add GeoClue desktop service.
On Sun 23 Aug 2015 23:40, l...@gnu.org (Ludovic Courtès) writes:
Andy Wingo wi...@igalia.com skribis:
On Thu 20 Aug 2015 17:09, l...@gnu.org (Ludovic Courtès) writes:
+@defvr {Scheme Variable} %standard-geoclue-applications
+The standard list of well-known GeoClue application configurations,
+granting authority to GNOME's date-and-time utility to ask for the
+current location in order to set the time zone, and allowing the Firefox
+(IceCat) and Epiphany web browsers to request location information.
+Firefox and Epiphany both query the user before allowing a web page to
+know the user's location.
+@end defvr
Does that mean that all these applications get blanket access to
location info, and just happen to be nice enough to ask the user?
If the answer is yes, I would rather remove the Web browsers from this
list by default.
I think that's right. I'm still figuring some of this out :P But yeah,
I think the reasoning is that since web browsers ask you already, don't
default to giving the web access, and you already trust the web browser
in other ways, that this is a reasonable default that prevents
double-asking.
OK. But then that raises the question of how applications are
authenticated: if I call my binary ‘epiphany’, will GeoClue consider it
to be the authorized application? (Sorry for the newbie question...)
I think the name is taken from the .desktop files -- which is to say,
geoclue trusts the application to be who it says it is.
I guess ideally it would be going through policykit and asking the user
through the session manager. Maybe that's a TODO; dunno.
My only concern is to make sure the default settings are
privacy-preserving. I realize that’s a question that goes beyond GuixSD
itself though.
There are unknowns for me too here, I am also a newbie. I was just
packaging things :)
However it seems to me that you don't need a location service to get
your location -- any app has basically the right privileges to grovel
through things on its own, either through geo-IP things or via seeing
what wireless hotspots are around, etc. This is what Chromium does for
example. The model isn't an app will never know my location unless
geoclue authorizes it. It's more like users sometimes want their apps
to know the user's location, and geoclue can do a good efficient job at
it instead of making each app roll its own implementation.
But when GeoClue requests authorization, it does so by sending a request
to the object installed at /org/freedesktop/GeoClue2/Agent on the system
bus. GNOME Shell installs an object there; presumably it uses an
overlay dialog to ask the user for permission. I'm not sure how it
works in multi-user setups. Without an object installed there I don't
know how things work, or if apps that aren't whitelisted work at all.
Andy
Re: [PATCH] gnu: Add GeoClue desktop service.
Andy Wingo wi...@igalia.com skribis: However it seems to me that you don't need a location service to get your location -- any app has basically the right privileges to grovel through things on its own, either through geo-IP things or via seeing what wireless hotspots are around, etc. This is what Chromium does for example. The model isn't an app will never know my location unless geoclue authorizes it. It's more like users sometimes want their apps to know the user's location, and geoclue can do a good efficient job at it instead of making each app roll its own implementation. Yeah, good point. WiFi data is definitely available wide-open to programs anyway. Not so much we can do, it seems. Thanks for your feedback, Ludo’.
Re: [PATCH] gnu: Add GeoClue desktop service.
Andy Wingo wi...@igalia.com skribis:
On Thu 20 Aug 2015 17:09, l...@gnu.org (Ludovic Courtès) writes:
+@defvr {Scheme Variable} %standard-geoclue-applications
+The standard list of well-known GeoClue application configurations,
+granting authority to GNOME's date-and-time utility to ask for the
+current location in order to set the time zone, and allowing the Firefox
+(IceCat) and Epiphany web browsers to request location information.
+Firefox and Epiphany both query the user before allowing a web page to
+know the user's location.
+@end defvr
Does that mean that all these applications get blanket access to
location info, and just happen to be nice enough to ask the user?
If the answer is yes, I would rather remove the Web browsers from this
list by default.
I think that's right. I'm still figuring some of this out :P But yeah,
I think the reasoning is that since web browsers ask you already, don't
default to giving the web access, and you already trust the web browser
in other ways, that this is a reasonable default that prevents
double-asking.
OK. But then that raises the question of how applications are
authenticated: if I call my binary ‘epiphany’, will GeoClue consider it
to be the authorized application? (Sorry for the newbie question...)
I guess ideally it would be going through policykit and asking the user
through the session manager. Maybe that's a TODO; dunno.
My only concern is to make sure the default settings are
privacy-preserving. I realize that’s a question that goes beyond GuixSD
itself though.
Thank you,
Ludo’.
Re: [PATCH] gnu: Add GeoClue desktop service.
Andy Wingo wi...@igalia.com skribis:
From d94d4fb4c89ec6cde152ab031244a3977e216b1e Mon Sep 17 00:00:00 2001
From: Andy Wingo wi...@pobox.com
Date: Sat, 15 Aug 2015 20:43:03 +0200
Subject: [PATCH 2/2] Add GeoClue service.
* gnu/services/desktop.scm (bool): New top-level helper.
(upower-configuration-file): Use top-level `bool'.
(geoclue-application): New public function.
(%standard-geoclue-applications): New public variable.
(geoclue-service): New public variable.
(%desktop-services): Add GeoClue. Add a comment about activation.
* doc/guix.texi (Desktop Services): Document the GeoClue service.
Applied, thanks!
+@defvr {Scheme Variable} %standard-geoclue-applications
+The standard list of well-known GeoClue application configurations,
+granting authority to GNOME's date-and-time utility to ask for the
+current location in order to set the time zone, and allowing the Firefox
+(IceCat) and Epiphany web browsers to request location information.
+Firefox and Epiphany both query the user before allowing a web page to
+know the user's location.
+@end defvr
Does that mean that all these applications get blanket access to
location info, and just happen to be nice enough to ask the user?
If the answer is yes, I would rather remove the Web browsers from this
list by default.
WDYT?
Thanks,
Ludo’.
Re: [PATCH] gnu: Add GeoClue desktop service.
On Thu 20 Aug 2015 17:09, l...@gnu.org (Ludovic Courtès) writes:
+@defvr {Scheme Variable} %standard-geoclue-applications
+The standard list of well-known GeoClue application configurations,
+granting authority to GNOME's date-and-time utility to ask for the
+current location in order to set the time zone, and allowing the Firefox
+(IceCat) and Epiphany web browsers to request location information.
+Firefox and Epiphany both query the user before allowing a web page to
+know the user's location.
+@end defvr
Does that mean that all these applications get blanket access to
location info, and just happen to be nice enough to ask the user?
If the answer is yes, I would rather remove the Web browsers from this
list by default.
I think that's right. I'm still figuring some of this out :P But yeah,
I think the reasoning is that since web browsers ask you already, don't
default to giving the web access, and you already trust the web browser
in other ways, that this is a reasonable default that prevents
double-asking.
I guess ideally it would be going through policykit and asking the user
through the session manager. Maybe that's a TODO; dunno.
Andy
