Comment 1 for bug 1590767

Jamie Strandboge (jdstrand) wrote :

This is a very interesting problem since the supplied completion script is a *script* that runs in the user's unconfined login session. I don't think automated reviews would be possible store-side, so I think the only way to pull this off would be to somehow run the script itself confined. Confining scripts is tricky though, since the 'source' command only requires 'r'ead on the file and not e'x'ecute.

OTOH, it might be worth exploring having the completion scripts installed (or symlinked, etc.) into /var/lib/snapd/bash-completion (or something) and modifying bash to fork/exec a helper (e.g., snap-completion) that runs under strict confinement and feeds the strings back to bash. I'm not familiar with the internals of how bash performs completion, but something along these lines should provide the desired security. Of course, I'm open to other suggestions (especially from someone more knowledgeable in bash completion :).
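
The helper design proposed in the comment above, sketched as an added example (not part of the original comment, and not snapd or bash code): the login shell never sources the snap's script, it only reads candidate strings from a helper and treats them as data. The names `snap_completion_helper` and `_snap_confined_complete` are hypothetical, the helper is a stub with constructed output standing in for the confined `snap-completion` process, and the allowlist filter and limits are assumptions that go beyond what the comment describes.

```bash
# Added illustration; all names are hypothetical.

# Stand-in for the confined helper. In the proposed design this would be a
# separate process under strict confinement; a stub with constructed output
# keeps the sketch runnable offline.
snap_completion_helper() {
    # $1 = command being completed, $2 = word under the cursor (unused by the stub)
    printf '%s\n' 'info' 'install' 'interfaces' 'remove'
    printf '%s\n' 'install$(id)'       # constructed: shell metacharacters
    printf 'in\033]0;title\007\n'      # constructed: terminal escape sequence
}

# Completion function for the unconfined login shell. Helper output is only
# ever read line by line as data: it is never sourced and never passed to eval.
_snap_confined_complete() {
    local cur=${COMP_WORDS[COMP_CWORD]} line count=0
    # Assumed allowlist: plain characters only, so nothing the shell or the
    # terminal would interpret can reach the command line.
    local re='^[A-Za-z0-9._/=:@+-]+$'
    COMPREPLY=()
    while IFS= read -r line; do
        # Bound the work done on behalf of an untrusted producer.
        if (( ++count > 200 )); then break; fi
        # Drop over-long candidates and anything outside the allowlist.
        if (( ${#line} > 64 )) || ! [[ $line =~ $re ]]; then continue; fi
        # Keep candidates that extend the word being completed.
        if [[ $line == "$cur"* ]]; then COMPREPLY+=("$line"); fi
    done < <(snap_completion_helper "${COMP_WORDS[0]}" "$cur")
    return 0
}

# Registration in an interactive shell would be:
#   complete -F _snap_confined_complete <command>
```
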