My suggestion is more of a generic solution to the app confinement
problem.

Assume I start at the file manager and I tap on a file.  It presents an
"Open with" dialog showing the apps that can open that type of file.
The dialog should show all apps that can handle that file type,
regardless of whether they have permission to see that particular file.

Somewhere on that dialog should be a checkbox saying "permanently allow
app to view files in this directory" and a drop-down that by default has
the current directory selected, but allows you to select any parent
directory instead (yea even unto the very root).  Then you select the
app you want to open it with.  AppArmor is automatically reconfigured
appropriately, and the app opens to show the file.

It should then be possible to revoke these permissions somewhere in
System Settings / Security & Privacy / App permissions.

This is the closest I can think of to a "I don't care about your stupid
confinement model, just get the hell out of my way and never bother me
again" button, which is precisely what I say (often out loud) when
encountering app confinement issues in the present system.  But it still
allows reasonably tight security, especially if you make the effort to
organise your files.

It would also allow apps to do things that aren't realistically feasible
with a centralised file broker, such as custom "open file" dialogs,
watching directories and automatically indexing new files, using named
pipes, creating soft links, and all the other millions of things
developers might think up that you couldn't possibly predict while
designing an app confinement model.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to webbrowser-app in Ubuntu.
https://bugs.launchpad.net/bugs/1563214

Title:
  Can’t browse and view local HTML files in home folder

Status in webbrowser-app package in Ubuntu:
  Confirmed

Bug description:
  (initially reported on the ubuntu-phone mailing list:
  https://lists.launchpad.net/ubuntu-phone/msg19168.html)

  With the AppArmor confinement, it is impossible for a phone user to
  browse and view local HTML files stored in their home folder.
  This security policy was initially put in place to avoid disclosing
  sensitive information stored on the filesystem. It would be good to
  find a middle-ground solution that allows browsing and viewing
  "legitimate" files in one’s home folder, while preserving a good
  security level.
