Hi everyone,
We are preparing the initial release of the Ecosia Browser snap and have a release candidate ready. The automated review has flagged two interface connections that require manual approval:
- browser-support with allow-sandbox: true
‘deny-connection’ constraint (interface attributes). If using a chromium webview, you can disable the internal sandbox (eg, use --no-sandbox) and remove the ‘allow-sandbox’ attribute instead
Ecosia Browser is a Chromium-based browser that requires the browser-support interface with allow-sandbox: true to enable Chromium’s built-in process sandbox. This sandbox is a critical security feature that isolates renderer processes from the host system — disabling it would represent a significant security regression for our users. This is consistent with other Chromium-based snaps, including the official Chromium snap maintained by Canonical:
https://code.launchpad.net/~chromium-team/chromium-browser/+git/snap-from-source
- mpris slot
human review required due to ‘deny-connection’ constraint (interface attributes) declaration-snap-v2_slots_connection (mpris, mpris)
Ecosia Browser implements the MPRIS interface to provide standard Linux desktop media integration. This is standard behaviour for all major Chromium-based browsers on Linux and is consistent with the official Chromium snap.
Thank you and best regards Jörn Ehmann, Engineering Manager@Ecosia