On the unfortunate need for an "age verification" API for legal compliance reasons in some U.S. states
Tomáš Zíma
tomas at tzima.cz
Sun Mar 1 20:51:15 UTC 2026
> A root-owned file won't be accessible to sandboxed applications such as Firefox running under Flatpak.
I would imagine something like this:
1. Extend adduser to ask for the user's date of birth. (GUI installers/tool would have to ask for this extra field too.)
2. Generate root-owned file containing the birth day, as suggested.
3. Regenerate a root-owned, user-readable (non-writeable) file containing the user's "age bracket" once per day via cron. The path & its format (e.g. "UNDER_13") would be the API. Alternatively, to make it more portable, a script get-age-bracket could be provided.
4. Making the file/script available to sandboxes is a matter of configuration.
I don't think XDG is a good place to implement this.
PS: While I think introducing some *optional* tools to make it easier for parents to set up some parental controls is a good thing, I don't support the legislation. Based on quick reading of the Californian bill (not a lawyer, not a native speaker), I think it would actually affect the root/admin user too, which leads to absurd results on Unix-like systems, among many other flaws. Not providing the OS at all for such jurisdictions would be the preferred course of action in my eyes, but I understand that's sadly not a practical option for many.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-devel/attachments/20260301/97ab3728/attachment.html>
More information about the ubuntu-devel
mailing list