Ian, would it be possible to consider mounting /usr/local/share/ca-certificates in the snap's mount namespace, similar to what is done for /etc/ssl ? Or would this present security concerns?
Alternatively, would it work for chromium to use the system-files interface to expose /usr/local/share/ca-certificates from the host in a read-only fashion?
Ian, would it be possible to consider mounting /usr/local/ share/ca- certificates in the snap's mount namespace, similar to what is done for /etc/ssl ? Or would this present security concerns?
Alternatively, would it work for chromium to use the system-files interface to expose /usr/local/ share/ca- certificates from the host in a read-only fashion?