Ubuntu
chromium-browser package

[snap] Unable to access files owned by another user

Bug #1900429 reported by Andreas Fritiofson
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
chromium-browser (Ubuntu)
Invalid
Undecided
Unassigned

Bug Description

The chromium snap cannot access files in my $HOME that have a different owner, even though the files are world-readable.

Revision history for this message
Olivier Tilloy (osomon) wrote :

That's the intended behaviour, snapd's sandbox doesn't allow strictly confined snaps (such as chromium) to access files owned by someone else.

Out of curiosity, what's the use case for files owned by a different owner in your home directory?

Changed in chromium-browser (Ubuntu):
status: New → Invalid
Revision history for this message
Andreas Fritiofson (andreas-fritiofson) wrote :

In my case, a docker-based firmware build process produces a update package (owned by root, for some reason), which I upload to a target via a web-interface.

Sure, I can change the owner of the files but still, this used to work and it doesn't now.

Let me turn the question around. What is the use-case for prohibiting access to files in the user's home directory, which are readable by the user based on good old Unix filesystem permissions? Devising a completely parallel access policy based on arbitrary and invisible rules seems utterly stupid to me.

Revision history for this message
Olivier Tilloy (osomon) wrote :

That's a question that would be better answered by the snapd design/security team. May I suggest you ask it on https://forum.snapcraft.io/ (preferably keeping offending words out, this will help in getting answers and sparking a constructive conversation)?

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.