From mboxrd@z Thu Jan  1 00:00:00 1970
From: ludo@gnu.org (Ludovic =?utf-8?Q?Court=C3=A8s?=)
Subject: Re: [PATCH] gnu: Add GeoClue desktop service.
Date: Sun, 23 Aug 2015 23:40:44 +0200
Message-ID: <87vbc5vg2r.fsf@gnu.org>
References: <877fowpcnd.fsf@igalia.com> <87d1yiyp2o.fsf@gnu.org>
	<877foqgday.fsf@igalia.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Return-path: <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([2001:4830:134:3::10]:51219)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <ludo@gnu.org>) id 1ZTd0W-0007hO-6t
	for guix-devel@gnu.org; Sun, 23 Aug 2015 17:40:53 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <ludo@gnu.org>) id 1ZTd0R-0003JX-DF
	for guix-devel@gnu.org; Sun, 23 Aug 2015 17:40:52 -0400
In-Reply-To: <877foqgday.fsf@igalia.com> (Andy Wingo's message of "Thu, 20 Aug
	2015 18:00:37 +0200")
List-Id: "Development of GNU Guix and the GNU System distribution."
	<guix-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-devel>
List-Post: <mailto:guix-devel@gnu.org>
List-Help: <mailto:guix-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=subscribe>
Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org
Sender: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org
To: Andy Wingo <wingo@igalia.com>
Cc: guix-devel@gnu.org

Andy Wingo <wingo@igalia.com> skribis:

> On Thu 20 Aug 2015 17:09, ludo@gnu.org (Ludovic Court=C3=A8s) writes:
>
>>> +@defvr {Scheme Variable} %standard-geoclue-applications
>>> +The standard list of well-known GeoClue application configurations,
>>> +granting authority to GNOME's date-and-time utility to ask for the
>>> +current location in order to set the time zone, and allowing the Firef=
ox
>>> +(IceCat) and Epiphany web browsers to request location information.
>>> +Firefox and Epiphany both query the user before allowing a web page to
>>> +know the user's location.
>>> +@end defvr
>>
>> Does that mean that all these applications get blanket access to
>> location info, and just happen to be nice enough to ask the user?
>>
>> If the answer is yes, I would rather remove the Web browsers from this
>> list by default.
>
> I think that's right.  I'm still figuring some of this out :P But yeah,
> I think the reasoning is that since web browsers ask you already, don't
> default to giving the web access, and you already trust the web browser
> in other ways, that this is a reasonable default that prevents
> double-asking.

OK.  But then that raises the question of how applications are
authenticated: if I call my binary =E2=80=98epiphany=E2=80=99, will GeoClue=
 consider it
to be the authorized application?  (Sorry for the newbie question...)

> I guess ideally it would be going through policykit and asking the user
> through the session manager.  Maybe that's a TODO; dunno.

My only concern is to make sure the default settings are
privacy-preserving.  I realize that=E2=80=99s a question that goes beyond G=
uixSD
itself though.

Thank you,
Ludo=E2=80=99.