trust-store

Location service uses the cached authorization, even if the user denied location access to an app

Bug #1387734 reported by David Barth on 2014-10-30

274

This bug affects 3 people

	Status	Importance	Assigned to	Milestone
Canonical System Image	Fix Released	High	Unassigned	Canonical System Image ww07-2015
trust-store	Fix Released	Critical	Thomas Voß
location-service (Ubuntu)	Invalid	Critical	Unassigned
Utopic	Invalid	Undecided	Unassigned
Vivid	Invalid	Critical	Unassigned
trust-store (Ubuntu)	Fix Released	Critical	Thomas Voß
Utopic	Fix Released	Critical	Thomas Voß
Vivid	Fix Released	Critical	Thomas Voß
trust-store (Ubuntu RTM)	Fix Released	Critical	Thomas Voß

Bug Description

The bug occurs after removing location access authorization to an application. The location is still available to the application, despite the user having revoked access from within USS > Privacy > Location.

To reproduce:

1. Open a map application, like Here map
2. Allow access to location
3. Switch to System Settings > Privacy > Location
4. Disable location access for Maps
5. Kill Here map, and restart it

What should happen: you should not have access anymore (and should not see a prompt)
What happens instead: the app still has access to your location, as shown in the logs:

I1030 16:15:38.167752 3100 cached_agent_glog_reporter.cpp:32] CachedAgent::authenticate_request_with_parameters: Application pid: 27975 Application uid: 32011 Application id: com.nokia.heremaps_here Cached request: Request(from: com.nokia.heremaps_here, feature: 0, when: 1414682114882519283, answer: granted)

I confirmed that the trust store had recorded the authorization change as in:

phablet@ubuntu-phablet:~$ sqlite3 ~/.local/share/UbuntuLocationService/trust.db "select * from requests"
1|unconfined|0|1414098093331252474|1
2|com.nokia.heremaps_here|0|1414682114882519283|1
3|com.nokia.heremaps_here|0|1414682131206341515|0

From a user's perspective: Despite having explicitly rejected trust to an application, the app would still be able to access services.

See original description

Tags:

Related branches

lp://staging/~thomas-voss/trust-store/fix-1387734

Merged into lp://staging/trust-store at revision 82

Seth Arnold (community): Approve on 2014-11-18

PS Jenkins bot: Approve (continuous-integration) on 2014-11-14

Ubuntu Phablet Team: Pending requested 2014-11-14

lp://staging/ubuntu/vivid-proposed/trust-store

lp://staging/~mardy/ubuntu-system-settings/lp1387734

Merged into lp://staging/ubuntu-system-settings at revision 1273

PS Jenkins bot: Needs Fixing (continuous-integration) on 2015-01-27

Sebastien Bacher (community): Approve on 2015-01-27

Thomas Voß (community): Approve on 2015-01-27

lp://staging/~mardy/ubuntu-system-settings/rtm-lp1387734

Merged into lp://staging/ubuntu-system-settings/rtm-14.09 at revision 975

Sebastien Bacher (community): Approve on 2015-01-27

David Barth (community): Approve on 2015-01-27

CVE References

2014-1422

Thomas Voß (thomas-voss) on 2014-10-30

no longer affects:	location-service
Changed in location-service (Ubuntu):
status:	New → Confirmed
importance:	Undecided → Critical
assignee:	nobody → Thomas Voß (thomas-voss)

Thomas Voß (thomas-voss) on 2014-11-14

Changed in trust-store:
importance:	Undecided → Critical
status:	New → Confirmed
Changed in trust-store (Ubuntu):
status:	New → Confirmed
importance:	Undecided → Critical
Changed in trust-store (Ubuntu RTM):
status:	New → Confirmed
importance:	Undecided → Critical
Changed in trust-store (Ubuntu):
assignee:	nobody → Thomas Voß (thomas-voss)
Changed in location-service (Ubuntu):
status:	Confirmed → Invalid
assignee:	Thomas Voß (thomas-voss) → nobody
Changed in trust-store:
assignee:	nobody → Thomas Voß (thomas-voss)

Thomas Voß (thomas-voss) on 2014-11-14

Changed in trust-store (Ubuntu RTM):
assignee:	nobody → Thomas Voß (thomas-voss)

Thomas Voß (thomas-voss) on 2014-11-14

tags:

added: rtm14

Jamie Strandboge (jdstrand) on 2014-11-14

information type:

Public → Public Security

Revision history for this message

Marc Deslauriers (mdeslaur) wrote on 2014-11-14:

This is CVE-2014-1422

Thomas Voß (thomas-voss) on 2014-11-14

description:

updated

Revision history for this message

Jamie Strandboge (jdstrand) wrote on 2014-11-14:

This will need an update to utopic-security as well (for when rtm syncs back up).

Changed in location-service (Ubuntu Utopic):
status:	New → Invalid
Changed in trust-store (Ubuntu Utopic):
status:	New → Confirmed
importance:	Undecided → Critical
assignee:	nobody → Thomas Voß (thomas-voss)

Thomas Voß (thomas-voss) on 2014-11-18

Changed in trust-store:
status:	Confirmed → In Progress
Changed in trust-store (Ubuntu Utopic):
status:	Confirmed → In Progress
Changed in trust-store (Ubuntu Vivid):
status:	Confirmed → In Progress
Changed in trust-store (Ubuntu RTM):
status:	Confirmed → In Progress

Pat McGowan (pat-mcgowan) on 2015-01-23

Changed in canonical-devices-system-image:
importance:	Undecided → High
milestone:	none → ww05-2015
status:	New → In Progress

Revision history for this message

Launchpad Janitor (janitor) wrote on 2015-01-23:

This bug was fixed in the package trust-store - 1.1.0+15.04.20150123-0ubuntu1

---------------
trust-store (1.1.0+15.04.20150123-0ubuntu1) vivid; urgency=low

  [ thomas-voss ]
  * Make sure that cached trust requests are sorted by their timestamp
    in descending order. Add regression test case. (LP: #1387734)
-- Ubuntu daily release <email address hidden> Fri, 23 Jan 2015 09:56:00 +0000

Changed in trust-store (Ubuntu Vivid):
status:	In Progress → Fix Released

Revision history for this message

Selene ToyKeeper (toykeeper) wrote on 2015-01-25:

It's great that users can now disable access... but I see two other issues now:

- After disabling access to an app, the app is still shown as being allowed to access location services. Just exit the settings app and re-start it, and the UI shows access as enabled again.

- After disabling access to an app, the user cannot re-enable access. It's shown as enabled, but it no longer works. Toggling the checkbox no longer seems to do anything.

Pat McGowan (pat-mcgowan) on 2015-01-28

Changed in canonical-devices-system-image:
milestone:	ww05-2015 → ww07-2015

Revision history for this message

Launchpad Janitor (janitor) wrote on 2015-02-02:

This bug was fixed in the package trust-store - 1.1.0+15.04.20150123~rtm-0ubuntu1

---------------
trust-store (1.1.0+15.04.20150123~rtm-0ubuntu1) 14.09; urgency=low

Changed in trust-store (Ubuntu RTM):
status:	In Progress → Fix Released

Pat McGowan (pat-mcgowan) on 2015-02-02

Changed in canonical-devices-system-image:
status:	In Progress → Fix Released

Thomas Voß (thomas-voss) on 2015-04-02

Changed in trust-store:
status:	In Progress → Fix Released

Thomas Voß (thomas-voss) on 2015-04-13

Changed in trust-store (Ubuntu Utopic):
status:	In Progress → Fix Released

Report a bug

This report contains Public Security information

Everyone can see this security related information.

Duplicates of this bug

Bug #1394707

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.