Application Confinement

An important part of Ubuntu for phones is running 3rd party software in a safe manner, and a lot of work in support of ApplicationConfinement was completed. Specifically, when applications are installed on Ubuntu for phones via the Ubuntu appstore, they are installed using click packaging and run under AppArmor. While a very meaningful level of isolation between apps is achieved in Ubuntu 13.10 for Ubuntu for phones, the work is not completed and will continue in 14.04. Specifically:

  • Mir does not currently support a method for another process to display a confirmation dialog over the current foreground app (1224756). As such, users are not prompted for the following common services:

    Other services like online accounts, calendar and contacts are also affected, but access to these services is reserved for applications on a case-by-case basis in 13.10

  • AppStore apps with access to the audio policy group may trigger loading of pulseaudio system modules (1211380)
  • Several shared memory files are not application-specific (119706012265691224751)
  • Android services accessed via binder are not properly mediated (ie, apps are able to access the sensors and camera service when policy doesn’t explicitly allow it, 1197134)
  • AppArmor mediation for signals, ptrace, abstract sockets and some other forms of IPC for processes with the same UID is not yet implemented
  • AppArmor mediation for process-specific files in /proc in not implemented which discloses more information to apps than is required
  • AppArmor mediation of the environment is not implemented. Ubuntu 13.10 for phones AppArmor policy makes up for this by disallowing execution of less-restricted processes
  • X is not mediated (ie, keyboard/mouse sniffing, drag and drop, screen grabs, xsettings module loading). This is not a problem for Ubuntu for phones since it uses Mir, but is listed for people wanting to use Ubuntu appstore apps on X (eg, Ubuntu Desktop)
  • The YAMA kernel LSM is not available for Galaxy Nexus (maguro) and Nexus 7 (grouper) and not enabled on Nexus 4 (mako) and Nexus 10 (manta). As a result, kernel protections such as ptrace and link restrictions are not present.



  • No support for hardware rendering when doing HTML5 video streaming playback (poor performance, due extra buffer copy)
  • Replaying video crashes browser (1236599)
  • Scrolling in webpages is very jumpy on maguro (1240881)



  • Events can be added, but not edited (1240809)
  • Reminder functionality is not implemented (1240539)



  • Still photos only, no video recording



  • Alarms functionality not completely implemented (cannot save, no notification)
  • No detection of time zone change via settings. To detect the change, you’ll need to restart the app
Dropping Letters

  • No audio (music & effects) during game (1196865)


Language and shell

  • After changing the system language, you need to reboot to get the shell picking your change (1240875)
  • Keyboard does not allow input on the left handside in landscape mode (1236489)



  • Devices take a long time to get a GPS satellite lock – no AGPS/SUPL support


Media Player

  • Software decode and rendering is currently not supported (1234722)
  • Playing multiple videos in two different media players not supported
  • Flickering video playback on maguro
Media Scanner

  • Maguro: incorrect color conversion when producing thumbnails (240264)
  • Copying large files over mtp causes mediascanner to consume CPU.



  • Unity8 display flickers and stop responding on grouper (1238695)
  • Not supported on Manta (Nexus 10) (1203268)
  • Setting a wallpaper from a taken photo produces black background on maguro (1227783)


SDK – Qt Creator

  • Screenshot from phone not working (1238839)



  • No vibration on ring or sms



  • Links in articles are not clickable (1217297). As a workaround, articles can easily be opened with the browser using the toolbar action in the single article view.


Software Store

  • Ratings and reviews are not yet implemented.
  • Apps with “Architecture: all” are not visible on devices. (1239662)



  • Session upstart leaks memory on Ubuntu Touch (1235649)
  • On maguro omapfb spams the system with uevents from the graphics driver (1234743)