Application Confinement (Online Accounts)

Previous description: "
Discuss how to improve Online Accounts security for applications running within the same user context. For example, if application 'facebook-foo' is installed from extras, how can we:
 * prevent it from accessing account information for Twitter?
 * prevent it from accessing all online accounts information (is DBus mediation via apparmor enough?)
 * allow access to only account information for facebook

Why do we have two different ways of handling credentials (online accounts and gnome-keyring)? What other scenarios should be handled? Should this be integrated with AppArmor and if so, what would it look like?
"

jdstrand, 2013-04-10> Retargeted from raring to s-series
jdstrand, 2013-10-03> blocked on bug #1230091

Work items for ubuntu-13.07:
[mardy] investigate how to protect the accounts db (ie, the settings. maybe dbus api, maybe only allows read-only access to the accounts db via apparmor, maybe use the hash. first iteration, ro?): DONE

Work items for ubuntu-13.08:
[mardy] extend signond's plugin interface to allow the security plugins to make run-time decisions, asynchronously: DONE
[mpt] design contextual runtime prompt for online accounts: DONE
[jdstrand] add accounts policy group to apparmor-easyprof-ubuntu: DONE

Work items for ubuntu-13.10:
[jdstrand] adjust evilapp to test online accounts access: POSTPONED

Work items:
[jdstrand] adjust security checks to verify desktop files don't specify the interpreter (AppDevUploadProcess) (high) (0.5): DONE

Work items for ubuntu-14.08:
[mardy] write a security plugin for online accounts: DONE
[mardy] add security plugin to Ubuntu package: DONE
[mardy] add ability in online accounts to display contextual runtime prompt and use the answer to grant/deny access to an account: DONE
[thomas-voss] implement trust session support (formerly LP: #1230091): DONE