snapd

Snapped application can't access user's trash can

Bug #1787903 reported by 林博仁(Buo-ren Lin) on 2018-08-20

This bug affects 2 people

Affects		Status	Importance	Assigned to	Milestone
	snapd	Triaged	Wishlist	Unassigned

Bug Description

If one chooses to trash certain file in a non-classic snapped application, it will end up in ~/snap/_snap_name_/current/.local/share/Trash and will not be visible to the file manager's trashcan/bin view, causing frustration.

Snapd should allow snapped applications to access the trash cans according to the [Desktop Trash Can Specification](https://freedesktop.org/wiki/Specifications/trash-spec/) from freedesktop.org.

Considering the content in user's trash can is, well, trashed, the security impact should be minor.

See original description

Paweł Stołowski (stolowski) on 2018-11-16

Changed in snapd:
importance:	Undecided → Wishlist
status:	New → Triaged

林博仁(Buo-ren Lin) (brlin) on 2019-03-19

description:	updated
description:	updated

Revision history for this message

James Henstridge (jamesh) wrote on 2019-03-19:

We probably want to rely on xdg-desktop-portal for this.

I strongly disagree that the security impact of giving a confined app access to the trash folder is minor. If you give read access to the contents of the directory, then you're providing access to a random collection of user data.

Even if write access is sufficient, you're giving the confined app the ability to choose where the trashed file should be restored to (via the Path key in the info file). This could be used to trick the user into restoring a malicious executable/desktop file into a session autostart location, for instance.

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.