From mboxrd@z Thu Jan 1 00:00:00 1970 From: ludo@gnu.org (Ludovic =?utf-8?Q?Court=C3=A8s?=) Subject: Re: [PATCH] gnu: Add GeoClue desktop service. Date: Sun, 23 Aug 2015 23:40:44 +0200 Message-ID: <87vbc5vg2r.fsf@gnu.org> References: <877fowpcnd.fsf@igalia.com> <87d1yiyp2o.fsf@gnu.org> <877foqgday.fsf@igalia.com> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:51219) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ZTd0W-0007hO-6t for guix-devel@gnu.org; Sun, 23 Aug 2015 17:40:53 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ZTd0R-0003JX-DF for guix-devel@gnu.org; Sun, 23 Aug 2015 17:40:52 -0400 In-Reply-To: <877foqgday.fsf@igalia.com> (Andy Wingo's message of "Thu, 20 Aug 2015 18:00:37 +0200") List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org To: Andy Wingo Cc: guix-devel@gnu.org Andy Wingo skribis: > On Thu 20 Aug 2015 17:09, ludo@gnu.org (Ludovic Court=C3=A8s) writes: > >>> +@defvr {Scheme Variable} %standard-geoclue-applications >>> +The standard list of well-known GeoClue application configurations, >>> +granting authority to GNOME's date-and-time utility to ask for the >>> +current location in order to set the time zone, and allowing the Firef= ox >>> +(IceCat) and Epiphany web browsers to request location information. >>> +Firefox and Epiphany both query the user before allowing a web page to >>> +know the user's location. >>> +@end defvr >> >> Does that mean that all these applications get blanket access to >> location info, and just happen to be nice enough to ask the user? >> >> If the answer is yes, I would rather remove the Web browsers from this >> list by default. > > I think that's right. I'm still figuring some of this out :P But yeah, > I think the reasoning is that since web browsers ask you already, don't > default to giving the web access, and you already trust the web browser > in other ways, that this is a reasonable default that prevents > double-asking. OK. But then that raises the question of how applications are authenticated: if I call my binary =E2=80=98epiphany=E2=80=99, will GeoClue= consider it to be the authorized application? (Sorry for the newbie question...) > I guess ideally it would be going through policykit and asking the user > through the session manager. Maybe that's a TODO; dunno. My only concern is to make sure the default settings are privacy-preserving. I realize that=E2=80=99s a question that goes beyond G= uixSD itself though. Thank you, Ludo=E2=80=99.