Permission requests from application (like in Android)

Hi

The permissions system is a very good solution for user security, but unfortunately it is not convenient to use.

I suggest adding a global feature to snapd: an API for permission requests from applications. Developers must be able to send snapd a request for access to the functions they need.

How it should work:

  1. An application with strict isolation sends an API request for access to RemoteMedia.
  2. snapd checks the application’s manifest: can the application access these functions? (That is, whether this or that function was spelled out by the developers in snapcraft.yaml.)
  3. snapd shows a request to the user in a GUI.
  4. If the user accepts this request, the application gets access to the requested function.

Maybe this function is already implemented? If not, then it is very desirable to implement this, since most ordinary users do not know at all about these permissions and where to set them up.

We are working on a feature to ask the user about specific accesses mediated by AppArmor and the kernel. This would require no or minimal action on the part of the app. For things that do not fit into AppArmor patterns it could maybe be extended along the lines proposed here.

Do you mean that I can send a request from the app to AppArmor or the kernel to get some kind of permission?

How will the user respond to this request? Because if the kernel or AppArmor automatically solves the user’s request, it doesn’t make sense, since the application will be granted access without the user’s knowledge.

No, the reverse: in some cases AppArmor profiles would allow not specifying directly whether a specified access is granted or denied, but instead generating an event from the kernel to user space, to which user space could answer whether to proceed with the access or deny it. User space would also cache the answer as appropriate.

1 Like
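
The flow described in the reply above, as an added example that is not part of the original thread and is not snapd or AppArmor code: a small Python model in which a profile rule can allow, deny, or hand the decision to a user-space agent that caches the answer. All class names, function names, rule patterns and paths are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass, field
from fnmatch import fnmatch
from typing import Callable

ALLOW, DENY, PROMPT = "allow", "deny", "prompt"

@dataclass
class Profile:
    snap: str
    rules: list  # ordered (glob, verdict) pairs; first match wins

    def verdict(self, path):
        for pattern, verdict in self.rules:
            if fnmatch(path, pattern):
                return verdict
        return DENY  # nothing matched: default deny

@dataclass
class PromptAgent:
    """User-space side: answers events from the kernel and caches replies."""
    ask_user: Callable  # (snap, path) -> (granted, remember)
    cache: dict = field(default_factory=dict)
    prompts_shown: int = 0

    def decide(self, snap, path):
        key = (snap, path)
        if key in self.cache:          # cached answer: no new dialog
            return self.cache[key]
        self.prompts_shown += 1
        granted, remember = self.ask_user(snap, path)
        if remember:                   # denials are cached as well as grants
            self.cache[key] = granted
        return granted

def mediate(profile, agent, path):
    """Kernel side: decide from the profile, or raise an event to user space."""
    verdict = profile.verdict(path)
    if verdict == PROMPT:
        return agent.decide(profile.snap, path)
    return verdict == ALLOW            # explicit rules never reach the user

if __name__ == "__main__":
    # Constructed sample profile; the deny rule is listed before the prompt rule.
    profile = Profile("editor", [("/home/*/.ssh/*", DENY),
                                 ("/home/*/Documents/*", PROMPT),
                                 ("/snap/editor/*", ALLOW)])
    agent = PromptAgent(lambda snap, path: (True, True))  # user always accepts
    for p in ("/home/alice/Documents/a.odt", "/home/alice/Documents/a.odt",
              "/home/alice/.ssh/id_ed25519", "/etc/shadow"):
        print(p, mediate(profile, agent, p), "prompts:", agent.prompts_shown)
```
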

Maybe this feature is already realized? If yes, please share a link to the documentation.

If you’re building a desktop app, then using the xdg-desktop-portal APIs might fit your needs.

For the case of accessing files, the FileChooser API probably fits the bill. The app asks x-d-p to show a file chooser on its behalf, and x-d-p then grants access to the chosen file. For GTK applications using GtkFileChooserNative, or Qt apps using the regular file chooser APIs, this should all happen transparently.

Note that no explicit permission dialog shows in this workflow, because the user implicitly grants permission through the file chooser.

1 Like