Add a dotfiles / hidden files interface

Bug #1607067 reported by Leon
This bug affects 17 people
Affects | Status | Importance | Assigned to | Milestone
snapd | Fix Released | Undecided | Unassigned |
snapd (Ubuntu) | Fix Released | Undecided | Unassigned |

Bug Description

It would be nice to have an interface to allow accessing hidden files / dotfiles.

tags: added: snapd-interface
Cris Dywan (kalikiana) wrote :

It would seem pointless to have this restriction on "home" if it was only another interface away to get to those files: as I understand it, dot files are assumed to contain sensitive information and therefore excluded, so I can sleep well knowing that nothing would read my .ssh for example just because it's using the "home" interface.

That said, I did run into this, and had to tweak some environment variables because things like .config and .bash_history are not readable. And it's not a huge problem - it's mainly an issue of discoverability. Users of my snap need to know where to find or put files.

Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in snapd (Ubuntu):
status: New → Confirmed
Matthew Williams (mattyw) wrote :

This bug was mentioned in this thread on the list https://lists.ubuntu.com/archives/snapcraft/2016-August/000854.html

It's not strictly snappy related, but is snap related. It's hard to write snaps for editors like vim/emacs etc. as these would be expected to have access to all files in home, even hidden files.

Mark Shuttleworth (sabdfl) wrote : Re: [Bug 1607067] Re: Add a dotfiles / hidden files interface

I think it's reasonable to have parameters on the home interface, which
allow us to expand the range of files to which particular snaps have access.

Mark

Tom Haddon (mthaddon) wrote :

This would be useful also for codetree as we need to be able to read git and bazaar credentials that the user may have so codetree can be used for non-public code.

Changed in snappy:
status: New → Confirmed
Leo Arias (elopio)
tags: added: isv
Jamie Strandboge (jdstrand) wrote :

Gustavo, what are your thoughts on this?

affects: snappy → snapd
Juergen Smolka (jsmolka) wrote :

It is pretty common to have hidden (dotted) config files in the user's home.

+++ I think the home interface should deal with that! +++

hackel (hackel) wrote :

This bug is nearly 2 years old and severely limiting the usability of snap packages. Since I know Canonical is pushing snaps crazy hard, I would have expected some movement on this sooner. This needs to be a priority.

You can't expect average desktop users to know how to either install a snap in devmode, or symlink their dotfiles from the snap app's directory. For the rest of us, this is just tedious and unnecessary.

Perhaps a better solution for things like SSH keys would be to deny access to 600 mode files or something?

Zygmunt Krynicki (zyga) wrote :

Hello. Sorry for the lag, we have a few bugs and feature requests and just a handful of hands to make them all fixed. We have added one pair of interfaces, specifically for ssh keys (public and private) as a pair of interfaces. I don't think we will add a generic "this dot file" interface but we can easily add a dedicated one (for a specific dot file) because this has measurable security impact and can be appropriately gated.

I would prefer to close this bug and open one for a specific new interface. Such an interface can be implemented and tested in about an hour.
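
What a dedicated, gated dot-file grant of the kind described in the comment above looks like in a snap's snapcraft.yaml, as an added example that is not part of this bug thread or of snapd's own code. It assumes snapd's personal-files and ssh-keys interfaces, which this page does not name; the snap name, plug name, command and credential paths are hypothetical.

```yaml
# Fragment of a snapcraft.yaml (constructed example; all names are hypothetical).
name: example-codetree
confinement: strict

plugs:
  # A named plug on the personal-files interface. Each path must start
  # with $HOME and is listed explicitly, so a reviewer can see exactly
  # which hidden files the snap is asking for.
  dot-vcs-credentials:
    interface: personal-files
    read:
      - $HOME/.git-credentials                 # assumed credential path
      - $HOME/.bazaar/authentication.conf      # assumed credential path

apps:
  example-codetree:
    command: bin/codetree
    plugs:
      # home: non-hidden files in the user's home directory only.
      - home
      # ssh-keys: the dedicated interface for the user's SSH keys,
      # requested separately from any other dot file.
      - ssh-keys
      # The narrowly scoped dot-file grant declared above.
      - dot-vcs-credentials

# Neither personal-files nor ssh-keys is connected automatically on
# install. The user (or a store-side approval) has to grant each one,
# for example:
#   snap connect example-codetree:dot-vcs-credentials
#   snap connect example-codetree:ssh-keys
# Until then the snap sees the same dot-file restrictions as with
# "home" alone.
```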

ash (sersorrel) wrote :

> I don't think we will add a generic "this dot file" interface but we can easily add a dedicated one (for a specific dot file) because this has measurable security impact and can be appropriately gated.

Even if you disregard text editors, how are you expecting tools like Shellcheck[1] to be able to function as snaps? I'd like to check various files (.bashrc, .bash_profile, .profile, .bash_logout, and those are just the relatively standard ones) with Shellcheck, but if I use the snap, I can't, and it sounds like you're not interested in changing this.

Should I just not be using the Shellcheck snap?

[1]: https://www.shellcheck.net/

Gustavo Niemeyer (niemeyer) wrote :

There's some further discussion about the topic of this PR here:

https://forum.snapcraft.io/t/access-to-specific-hidden-file-path-in-users-home/6948/8

Josh, we're researching a way to solve problems similar to the ones you describe. It's still not ready for prime time, but I believe we should be able to address that.

Michael Vogt (mvo) wrote :
Changed in snapd:
status: Confirmed → In Progress
Changed in snapd (Ubuntu):
status: Confirmed → In Progress
Zygmunt Krynicki (zyga) wrote :

This has been merged already.

Changed in snapd:
status: In Progress → Fix Released
Changed in snapd (Ubuntu):
status: In Progress → Fix Released
Zygmunt Krynicki (zyga) wrote :

The v2 version of the fix is being worked on here: https://github.com/snapcore/snapd/pull/7436

Zygmunt Krynicki (zyga) wrote :

Doh, wrong branch browser tab.
