[Bug 1208800] [NEW] [MIR] click
Colin Watson
cjwatson at canonical.com
Tue Aug 6 10:47:52 UTC 2013
Public bug reported:
Availability: In universe for all architectures.
Rationale: Click is the lightweight application packaging system for
Ubuntu Touch:
https://blueprints.launchpad.net/ubuntu/+spec/foundations-1305-click-
package
Security: Ubuntu-native and a new development, so no security history.
The click program and the PackageKit plugin are security-sensitive in
that it typically starts as root and it installs untrusted applications
(which then run under AppArmor confinement). The design has been
discussed extensively with the security team, although I don't know if
they've done a full code review.
QA: Requires no configuration. No important outstanding bugs.
Maintained by Canonical (the Ubuntu Foundations team). Includes a test
suite which is run at build time.
Dependencies: All in main.
Standards compliance: As far as I know this complies with Debian Policy
3.9.4. Applications installed by click are currently unpacked into
/opt/click.ubuntu.com/, although this may change in at least some cases;
the click package creates this directory in its postinst (which is
skating around the edges of policy a bit, but I think it's reasonable).
Maintenance: Ubuntu Foundations team; foundations-bugs and I are set as
bug contacts.
** Affects: click (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to click in Ubuntu.
https://bugs.launchpad.net/bugs/1208800
Title:
[MIR] click
Status in “click” package in Ubuntu:
New
Bug description:
Availability: In universe for all architectures.
Rationale: Click is the lightweight application packaging system for
Ubuntu Touch:
https://blueprints.launchpad.net/ubuntu/+spec/foundations-1305-click-
package
Security: Ubuntu-native and a new development, so no security history.
The click program and the PackageKit plugin are security-sensitive in
that it typically starts as root and it installs untrusted
applications (which then run under AppArmor confinement). The design
has been discussed extensively with the security team, although I
don't know if they've done a full code review.
QA: Requires no configuration. No important outstanding bugs.
Maintained by Canonical (the Ubuntu Foundations team). Includes a
test suite which is run at build time.
Dependencies: All in main.
Standards compliance: As far as I know this complies with Debian
Policy 3.9.4. Applications installed by click are currently unpacked
into /opt/click.ubuntu.com/, although this may change in at least some
cases; the click package creates this directory in its postinst (which
is skating around the edges of policy a bit, but I think it's
reasonable).
Maintenance: Ubuntu Foundations team; foundations-bugs and I are set
as bug contacts.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/click/+bug/1208800/+subscriptions
More information about the foundations-bugs
mailing list