Hello, I’d like to request classic confinement for the
balenaEtcher is a free and open-source utility used for writing image files such as .iso and .img files, as well as zipped folders onto storage media to create live SD cards and USB flash drives. Etcher was developed using the Electron framework.
Source repository https://github.com/balena-io/etcher
Snap repository https://github.com/gantonayde/balena-etcher-electron and snapcraft.yaml
Classic confinement request
The program needs access to
kdesudo to write to disk (image below with
confinement: strict). Unlike rpi-mager, which uses the
udisks2 plug, Etcher does not support a privileged helper running outside the sandbox, e.g. UDisks2. Etcher doesn’t use
dd or any other well-known utility to write images. The developers do not intend to upstream the usage of UDisks2 for the time being, which leaves Etcher in a very delicate spot regarding confinement, hence the request.