trzsz ( trz / tsz ) is a simple file transfer tools, similar to lrzsz ( rz / sz ), and compatible with tmux.
Source code: https://github.com/trzsz/trzsz-go
classic is required since trzsz needs to read and write files.
As per Process for reviewing classic confinement snaps can you please outline which of the supported categories for classic confinement that trzsz fits within? Since in the vast majority of cases, access to files can be achieved under strict confinement by plugging home and optionally removable-media and hence it would seem to me that classic confinement should not be needed (nor that there is an obvious existing category that would fit for this snap).
- The trzsz command runs on the client side, trzsz ssh svr to log in to a server, the trzsz process create a child process ssh.
- If there is a jump server which running tmux, the trzsz command run as a relay, trzsz -r ssh svr to log in to another server, the trzsz process create a child process ssh too.
- The user use trz command on the server to upload files, and use tsz command on the server to download files.
upload files:
- The user run trz command, specify a directory as argument, default is the current directory.
- The trzsz process on the client side read configuration from ~/.trzsz.conf, and popup a dialog to let the user select files.
- The trzsz process read the selected files, and send to the server.
- The trz process receive the files, and save to the specified directory.
download files
- The user run tsz command, specify some files as argument.
- The trzsz process on the client side read configuration from ~/.trzsz.conf, and popup a dialog to let the user select a directory.
- The tsz process read the files specified as argument, send to the client.
- The trzsz process receive the files, and save to the specified directory.
Can you help me choose a suitable categories? Thank you for everything.
Hello @lonny, classic is the last option and only granted if there is no other way and even in this case, needs to fit into a specific category. Can you try first to use the home interface and removable-media suggested by @alexmurray?
@pfsmorigo Thanks for your reply and guidance.
The function of trzsz is to read any file specified by the user, and write to any directory specified by the user.
The home interface and removable-media will limit the functionality of trzsz. I don’t think it can meet the needs of trzsz.
trzsz just follow the user’s command to read and write. It is best not to have strict restrictions.
I think it is ok if trzsz is restrict to read and write security sensitive files, such as ~/.ssh/.
hi @lonny,
Unfortunately in this case, this snap just doesn’t fall within the bounds of the supported use cases for classic confinement. Preventing actions such as reading and writing of arbitrary files across the whole filesystem one of the points of snap confinement, and exceptions are granted only for those specifically supported use cases. Although it’s not 100% of what you’re after, much of the filesystem will be available to users with the interfaces listed above.
@lonny since unfortunately trzsz did not meet the requirements for granting classic confinement, I am removing this request from our review queue. If in the future you think you can redesign trzsz to only read/write from specific locations which can be accessed with the use of supported interfaces under strict confinement, please write back here anytime.
Please understand that classic confinement grants device ownership to the snap, so given the sensitiveness of such access is that we follow this strict process.
Thanks!
It’s alright. Thank you.
1 Like