I would like to request auto-connect capabilities to the personal-files interface for the Shortcut application (snap name is shortcut-app).
The application is targeted at Linux newcomers and can be used to create and edit .desktop files by providing a name, icon and executable path. As such, I need to be able to read and write to $HOME/.local/share/applications.
Since this is targeted at new users, I would like to also request auto-connect for the home interface (for non-traditional distributions). This would reduce the probability of users seeing FUSE filesystem paths if they chose to select the icon and executable files by using file picker dialogs.
Here’s the plugs section of the yaml:
plugs:
target-dir:
interface: personal-files
write:
- $HOME/.local/share/applications
home:
interface: home
Given the target audience, I have decided to limit the editing ability to only desktop files created by the shortcut-app, so they do not mess up desktop files from other sources.
Regarding personal-files for $HOME/.local/share/applications: Although it seems to be the sole point of the snap, there are some things that break the snap confinement model too easily and granting this access would clearly do that. We deliberately try to avoid giving snaps the ability to break confinement and so on that basis the request gets a -1 from me sorry.
For the home auto-connect, I would like to get input from @pedronis on this one (and Samuele you may also have input on the personal-files aspect above) - as I’m not sure of the implications of auto-connecting home on UC systems and why that might not be generally desirable (given its not auto-connected by default).
I have a question, if I may. Is there an approach that can help me achieve the only functionality of the app without breaking the confinement model? I could not find one, so I did my best to limit the effects as much as possible - only asking for access as granular as possible, confined to the active user. I also limited access inside the app to only the desktop files created by it. I do not treat the confinement model breach lightly, but I couldn’t make the app work otherwise.
Apologies for the delay responding! Of course, questions are always welcome
The problems remains that the objective is to create launchers of arbitrary content which would be executed outside of confinement. Given that it is the explicit purpose of the snap, perhaps we should not see this as too much of a problem. It’s different in many ways from the typical sandbox escape threat we worry about. @alexmurray might have some thoughts here.
This is a tricky area indeed. I am not familiar enough with this application to know, but I wonder if you can achieve this via the use of Portals - https://docs.flatpak.org/en/latest/portals.html - since then you could use GtkFileChooserNative to get the user to browse to, and open ~/.local/share/applications/ - then there would be no need for personal-files at all?
Thank you for your openness to keep discussing this!
So the app is rather simple, it allows users to create launchers (aka save .desktop files under ~/.local/share/applications/ by allowing them to type a name and pick exec and icon files using file picker dialogs. It also allows them to edit and delete only the launchers created by it.
I think I might be able to use the save functionality of the file chooser portal and have the user navigate to the target location (not sure if I can go to hidden directories), but that kind of defeats the purpose of the app itself. It is supposed to help new users that do not understand how launchers work yet.
I believe the dilemma boils down to if you consider this kind of application provides enough value for the community in order to allow it. There plenty of alternative apps that focus on creating and managing launchers that provide more robust feature sets, but I could not find any on the snapcraft store. Presumably because of the permissions they would require. I intentionally limited the features of Shortcut to the bare minimum specifically to avoid that.
Hey @beebanoo , is there any updates regarding the status of the shortcut-app snap and/or were you able to try using desktop portals in order to fix the issue? Thanks
I have been able to make use of portals to open that specific folder directly in my app. But there is one problem. Users will be greeted with a popup that $HOME/.local/share/applications isn’t accessible. Can’t find that to bypass somehow. Can you help.
@beebanoo Could you please let us know if there’s any updates regarding your snap. If not, I can go ahead and remove this request from our queue, and you can let us know when you have progress and we put your request back in the queue. Thanks.
@soumyaDghosh I see that there’s an open post for the snap and the issue that you’re referring to. Could you please keep the related issues/questions/discussions in the related post in order to avoid confusion. Thanks.
There is no action on my part to be taken, for now. As I mentioned previously, there is no intuitive method for beginners to use the app unless the permissions I requested are granted. If that is not possible, than the app itself loses all usefulness for the intended audience.
@beebanoo - thanks for the update. in that case we are removing this request from our review queue. When you have more time to work on your snap with the suggested approach, simply reply here and we can add the request back to the queue. Thanks.
