I have not found a defined list of requirements for personal-files. Neither in auto-connection requests nor in permissive interfaces @jdstrand are the requirements for personal-files defined somewhere else?
When I look at previous auto-connection requests, however, it seems like an application is easily granted personal-files access if those files are clearly owned by the application.
Note that chromium actually has an auto-connected personal-files plug for easy transfer of profiles:
chromium-config:
interface: personal-files
read:
- $HOME/.config/chromium
- $HOME/.chromium-browser.init
This makes sense to me: the goal of confinement is that the application does not have access to other parts of the system. If an application only has access to personal files which are clearly owned by that application, then there is no confinement issue.