UX change to not require a person to pass in --classic or --devmode

Bug #1659925 reported by Adam Stokes
This bug affects 5 people

Bug Description

This is from the discussion https://lists.ubuntu.com/archives/snapcraft/2017-January/002789.html where it would be nice to have a user be able to run

snap install conjure-up

And then snap will see that it is a --classic confined snap and prompt for an "Are you sure you wish to do this". If the user passes in --classic as an option then the snap treats it like normal and installs without any prompts.

Tags: conjure-up
tags: added: conjure-up
Kyle Fazzari (kyrofa) wrote :

Note that the prompt should probably only happen on an interactive shell. Otherwise an error should occur.

Kyle Fazzari (kyrofa)
Changed in snapd:
status: New → Confirmed
Leo Arias (elopio) wrote :

Some big security concerns:

From Jaime S:

AIUI (please correct me) the reason why we have --classic and --devmode is very
intentional so that the user has to type and think about what is happening since
this is allowing the publisher access to everything on your system. The example
text in the prompt you provide doesn't convey this and I worry that what many
people will see (regardless of phrasing) is:

$ snap install foo
blah blah..checking blah blah..
Do you want me to install what you just told me to install? [Y/n] y
foo installed

From Tyler:

You're correct.

Not only will it become click-through security but it'll also make it
more appealing to simply not care about achieving proper confinement
with your snap. I'm more worried about --devmode in that regard but it
is also something to consider for --classic.

Zygmunt Krynicki (zyga) wrote :

I'm switching this to OPINION, please discuss further on forum.snapcraft.io as it seems there is no consensus with the security team to implement the change.

Changed in snapd:
status: Confirmed → Opinion