I’m wondering how this interacts with the XDGp backend; on Ubuntu 22.04, I’d imagine if the user disconnected the home
interface entirely, this would force the XDGp file picker to attempt to proxy it in $XDG_RUNTIME_DIR/doc
, where because the AppArmor restriction wouldn’t apply, it may actually work.
If this is the case, then for users from earlier versions of Ubuntu / earlier versions of XDGp, it’s a regression, because in 20.04 for example, all files in $HOME
end up in $XDG_RUNTIME_DIR/doc
as the file picker backend doesn’t integrate with Snap fully in that release.
Granted I’m not a reviewer, but IMO it’s not the intention of the home
interface to restrict access they’d otherwise already have without the interface, so IMO the read: all
attribute makes sense to avoid what’s otherwise a regression (assuming that regression exists! I’m currently away from Linux machines to test with!)
Tl;Dr it’d be weird if they could access root owned world readable files outside $HOME
but not in it, but whether that is currently the scenario, I’m unsure.
Anyway, as a community opinion regarding Firefox
and Chromium
explicitly, I’m all for it.