Hi, I agree with Alan. Some other snaps that could need something like this could be app launchers (e.g. Whisker Menu) and desktop environments.
Cheers On 9 September 2016 at 12:58, Alan Pope <[email protected]> wrote: > Hi, > > This is an architectural snappy question where I have one use case, > but have seen others mention similar issues which may be related. > Perhaps they could speak up also with their requirements. > > With regards to > https://code.launchpad.net/~popey/ubuntu-terminal-app/add- > snapcraft-config/+merge/305206 > > http://people.canonical.com/~alan/ubuntu-terminal-app_0.7.207_amd64.snap > > I made the above merge and snap to test out the phone terminal app on > the desktop as a snap, for possible inclusion in the store. The goal > being that people can install it on a Unity8 snap-only system. > > But, it's a bit useless in its current form, due in part to our > confinement and store policies. In the click store (on the phone) the > app is unconfined, so can access files/programs outside of the click. > > If I set confinement to be 'strict' then I can put it in the stable > store, but you can't actually run any non-built-in things (like ssh, > top), making it unusable for most people. > > If I make it use the 'devmode' confinement policy then it (as I > understand it) *cannot* go into the stable store (by policy), but can > execute external commands in the core. However, it can't be used to > launch other executables in other snaps, making it somewhat useless on > a snap-only system with other tools installed. > > I don't believe this to be unique to this terminal, nor > desktop/graphical apps, other snap-packaged terminals (and file > managers & other system level things) may have the same issue. > > How do we we resolve this? Do we request a security exception & code audit? > Is there some other planned interface for these kinds of 'expert' apps > which need to reach outside of their confinement? > > Cheers, > -- > Alan Pope > Community Manager > > Canonical - Ubuntu Engineering and Services > +44 (0) 7973 620 164 > [email protected] > http://ubuntu.com/ > > -- > Snapcraft mailing list > [email protected] > Modify settings or unsubscribe at: https://lists.ubuntu.com/ > mailman/listinfo/snapcraft >
-- Snapcraft mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/snapcraft
