> In addition the ~/snap directory is very explicitly, and non-trivially baked into apparmor profiles that are currently global to the system. This setting can vary per user.
We have mechanisms in AppArmor to help with alternate locations for things (there is the home tunable and we could add new ones for 'snap' or anything we want). This would not be difficult to implement policy-wise.
As mentioned several times in this thread, the issues are bigger than that. To Gustavo's point, there is a design and a specification for addressing this bug in a nice way, and it is on the current roadmap. This bug will be fixed.
> In addition the ~/snap directory is very explicitly, and non-trivially baked into apparmor profiles that are currently global to the system. This setting can vary per user.
We have mechanisms in AppArmor to help with alternate locations for things (there is the home tunable and we could add new ones for 'snap' or anything we want). This would not be difficult to implement policy-wise.
As mentioned several times in this thread, the issues are bigger than that. To Gustavo's point, there is a design and a specification for addressing this bug in a nice way, and it is on the current roadmap. This bug will be fixed.