I would like to request autoconnection for two plugs. Enpass is a cross-platform password manager and I am working closely with the team to land it as a fully functional Snap. At the moment, the Snap published on the Snap Store has an issue where the browser extension for autofilling logins refuses to connect with the Snap version of Enpass.
On the edge channel, you can find a testing version of Enpass with a fix applied by the developers to make it fully compatible with Snaps. However, in order for the browser plugin to connect to the Enpass app securely, it requires the use of the network-observe and system-observe. Without these plugs, the program silently fails, which makes for an especially frustrating user experience.
I would appreciate it if these plugs could be auto-connected, as the user has to go out of their way to ensure that these permissions have been granted. This could cause confusion, even if I add a clarification to the description, as most users don’t read it.
Hey @chrismin13 could you please provide more information regarding why exactly the auto-connection for network-observe and system-observe are needed for enpass to properly work?
I have read that your snap description says that
DUE TO SNAP RESTRICTIONS, THIS VERSION STILL HAS 2 ISSUES
and you are mentioning “The browser Autofill extension does not work yet”
Interfaces can be always manually connected if you run:
Thank you for your reply. As I mentioned in my original post, I am aware of the procedure for manually connecting the interfaces. However, I have not removed the message that “The browser Autofill extension does not work yet”, as the change has only been pushed to the edge channel and is still in a testing phase. I have no issue with updating the description once the changes are pushed to stable. That being said, it would be ideal for the program to work correctly out of the box in case a user does not read the description.
Given that I am not the developer of the application and I am only authorized to push updates to the Snap Store, I will have to contact the developers for more information on how those interfaces are being used. I will let you know once I hear back from them.
I have received a reply from the Enpass developers. I have been asked to relay the following information:
Enpass browser extension is used for auto-filling in browser. It need to communicate with Enpass somehow as it run inside browser process. Both theses permissions are required to filter out malicious process trying to connect to the Enpass app.
network-observe: Enpass uses a local web-socket on predefined port range for communication. When a browser extension try to connect, Enpass need to get info about connecting process (port, pid) to as part of verification.
system-observe: Once Enpass get pid of connecting process it need to fetch process information (name, path) to prompt user for final confirmation.
The latest update, 6.6.1, implements the fix for the browser extension and has been pushed to stable. I have updated the description with instructions on how to connect the interfaces manually both through the store and through the terminal. If these could be granted automatically, that would be ideal!
Thanks for the updated information - whilst both network-observe and system-observe allow some privileged information to be gleaned, in this case the snap is a password manager which is already dealing with privileged details so I think this is acceptable in this case.
+1 from me for auto-connect of both network-observe and system-observe for enpass. Can other @reviewers please vote? Thanks.
