Comment 1 for bug 1563214

Matthew Exon (ubuntubugs-mexon) wrote:

My suggestion is more of a generic solution to the app confinement problem.

Assume I start at the file manager and I tap on a file. It presents an "Open with" dialog showing the apps that can open that type of file. The dialog should show all apps that can handle that file type, regardless of whether they have permission to see that particular file.

Somewhere on that dialog should be a checkbox saying "permanently allow app to view files in this directory" and a drop-down that by default has the current directory selected, but allows you to select any parent directory instead (yea even unto the very root). Then you select the app you want to open it with. AppArmor is automatically reconfigured appropriately, and the app opens to show the file.

It should then be possible to revoke these permissions somewhere in System Settings / Security & Privacy / App permissions.

This is the closest I can think of to an "I don't care about your stupid confinement model, just get the hell out of my way and never bother me again" button, which is precisely what I say (often out loud) when encountering app confinement issues in the present system. But it still allows reasonably tight security, especially if you make the effort to organise your files.

It would also allow apps to do things that aren't realistically feasible with a centralised file broker, such as custom "open file" dialogs, watching directories and automatically indexing new files, using named pipes, creating soft links, and all the other millions of things developers might think up that you couldn't possibly predict while designing an app confinement model.