From 027ff10cc9d3b38ecb7a1c5cfd6ee8e56b56a2ce Mon Sep 17 00:00:00 2001 From: Philip Withnall Date: Wed, 12 Jun 2019 07:54:39 +0100 Subject: [PATCH] docs: Expand README coverage of how the whole system is designed Signed-off-by: Philip Withnall --- README.md | 24 ++++++++++++++++++++---- 1 file changed, 20 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 6afc56e..d8b561f 100644 --- a/README.md +++ b/README.md @@ -1,10 +1,12 @@ malcontent ========== -malcontent implements support for restricting the abilities of +malcontent implements support for restricting the type of content accessible to non-administrator accounts on a Linux system. Typically, when this is used, a non-administrator account will be for a child using the system; and the -administrator accounts will be for the parents. +administrator accounts will be for the parents; and the content being filtered +will be apps which are not suitable for the child to use, due to (for example) +being too violent. It provides an [accounts-service](https://gitlab.freedesktop.org/accountsservice/accountsservice) @@ -14,7 +16,7 @@ accessing and applying the app filter. This results in the policy being stored in `/var/lib/AccountsService/users/${user}`, which is a key file readable and writable only by the accounts-service daemon. Access to the data is mediated through accounts-service’s D-Bus interface, which libmalcontent is a client -library for +library for. All the library APIs are currently unstable and are likely to change wildly. @@ -32,7 +34,21 @@ Two kinds of policy are currently supported: installed. Applications which are already installed are not subject to this filter. -Additional policies may be added in future. +Additional policies may be added in future, such as filtering by content type +or limiting the amount of time a user is allowed to use the system for. + +Any application or service which provides the user with access to content which +should be parentally filtered is responsible for querying the user’s parental +controls filter and refusing to provide the content if not permitted by the +filter. This could mean refusing to launch a flatpak app, hiding a search +result in gnome-shell, or hiding an app in gnome-software because of its high +OARS rating. + +A sufficiently technically advanced user may always work around these parental +controls. malcontent is not a mandatory access control (MAC) system like +AppArmor or SELinux. However, its correct use by applications should provide +enough of an obstacle to prevent users easily or accidentally having access to +content which they shouldn’t. Example usage ---