[gnome-software: 1/2] gs-app-context-bar: Present network access as neutral instead of warning

[Philip Withnall <pwithnall src gnome org>]

commit bb1ca3ae897a404a6ef5b2c924ec829ade545792
Author: Philip Withnall <pwithnall endlessos org>
Date:   Thu Aug 19 17:48:41 2021 +0100

    gs-app-context-bar: Present network access as neutral instead of warning
    
    Network access can be used to expand an existing local vulnerability
    into a remotely exploitable one, or can be used to leak information
    remotely.
    
    However, it’s also needed by a significant proportion of apps for
    legitimate purposes.
    
    Therefore, presenting it as a safety warning is not particularly
    helpful, as it means very few apps ever get labelled as ‘safe’, and most
    get labelled as ‘potentially unsafe’ due to their network permission.
    This reduces the utility of the labelling system to the user.
    
    Instead, label the network access permission as ‘safe’ in the context
    tile, but neutral (grey) in the dialog.
    
    This is similar to what Android does. In Android, apps are required to
    request the internet permission in their manifests if they access the
    internet, but the user is never prompted about that permission. It’s
    considered a ‘normal permission’. See
    https://developer.android.com/training/basics/network-ops/connecting.
    
    Signed-off-by: Philip Withnall <pwithnall endlessos org>

 src/gs-app-context-bar.c       | 6 +++++-
 src/gs-safety-context-dialog.c | 6 +++++-
 2 files changed, 10 insertions(+), 2 deletions(-)
---
diff --git a/src/gs-app-context-bar.c b/src/gs-app-context-bar.c
index 936e52cc4..724343d03 100644
--- a/src/gs-app-context-bar.c
+++ b/src/gs-app-context-bar.c
@@ -223,7 +223,11 @@ update_safety_tile (GsAppContextBar *self)
                        break;
                case GS_APP_PERMISSIONS_NETWORK:
                        add_to_safety_rating (&chosen_rating, descriptions,
-                                             SAFETY_POTENTIALLY_UNSAFE,
+                                             /* This isn’t actually safe (network access can expand a local
+                                              * vulnerability into a remotely exploitable one), but it’s
+                                              * needed commonly enough that marking it as
+                                              * %SAFETY_POTENTIALLY_UNSAFE is too noisy. */
+                                             SAFETY_SAFE,
                                              /* Translators: This indicates an app uses the network.
                                               * It’s used in a context tile, so should be short. */
                                              _("Has network access"));
diff --git a/src/gs-safety-context-dialog.c b/src/gs-safety-context-dialog.c
index 9df9f17a7..02cc49789 100644
--- a/src/gs-safety-context-dialog.c
+++ b/src/gs-safety-context-dialog.c
@@ -145,7 +145,11 @@ update_permissions_list (GsSafetyContextDialog *self)
                                    NULL, NULL, NULL);
                add_permission_row (self->permissions_list, &chosen_rating,
                                    (permissions & GS_APP_PERMISSIONS_NETWORK) != 0,
-                                   GS_CONTEXT_DIALOG_ROW_IMPORTANCE_WARNING,
+                                   /* This isn’t actually unimportant (network access can expand a local
+                                    * vulnerability into a remotely exploitable one), but it’s
+                                    * needed commonly enough that marking it as
+                                    * %GS_CONTEXT_DIALOG_ROW_IMPORTANCE_WARNING is too noisy. */
+                                   GS_CONTEXT_DIALOG_ROW_IMPORTANCE_NEUTRAL,
                                    "network-wireless-symbolic",
                                    /* Translators: This refers to permissions (for example, from flatpak) 
which an app requests from the user. */
                                    _("Network Access"),