Request for Classic confinement for snap amber-bash

Amber is a programming language that’s compiled to bash. Even though it might work well with strict confinement, being a programming language it might need access to arbitrary files from the system. Thus, it falls under the approved categories of compilers as this is a compiler for the bash. This is similar to the rustup snap. The snap is published by the upstream and is maintained by me as a part of the upstream. Requesting a review from the policy reviewers.

Thanks and Regards,

Soumyadeep Ghosh

2 Likes

Hi @soumyaDghosh, thank you for the amber-bash snap. You have added snapcraft file to upstream repo, here. It perfectly fits into “programming languages” category. I am okay to grant this snap classic.

@reviewers, let me know if you think otherwise

1 Like

Thank you! Sorry, I forgot to add the upstream repo.

I am not sure I agree that this needs classic confinement given the current reasoning - you say that it might need access to arbitrary files - can you please be more specific? What files does amber require access to from the host file-system?

Not in a normal use case, but if a user to compile files under the snapcraft environment. It completely depends on the usage. This app in particular needs no extra files to work. May be my request got a bit misleading.

Hi @alexmurray any review on this?

@soumyaDghosh I need more details to understand the nature of amber. You say it might need access to arbitrary files in the initial post but then you say it needs no extra files to work. So if in the general case amber works fine under strict confinement then I think that is most appropriate. Classic confinement has a number of drawbacks and limitations and so should only be requested when absolutely necessary but it seems in this case it is not.

If however you still feel that it is necessary please provide specific details. Thanks.

1 Like

We’ve moved to strict confinement, and until we find any proper use case for classic confinement, we’ll stick with the strict one. Thanks a lot @alexmurray @0xnishit for your help and support. We are closing this ticket.

Excellent, thanks for letting us know @soumyaDghosh - I will remove this request from our internal queue.

1 Like