Requests for mammoth-browser

mammoth-cyber · May 8, 2025, 5:04pm

Update: We in fact do not need specific system-files access, see the first reply.

Hello,

Our code snippet is as below:

plugs:
  browser-sandbox:
    interface: browser-support
    allow-sandbox: true
  mmeab-sys-files:
    interface: system-files
    read:
      - /etc/machine-id
      - /proc/sys/kernel/arch

name: mammoth-browser
description: The Mammoth Enterprise Browser is based on the Chromium project. It provides easy and secure access to all your work apps in a single place. There’s no learning curve - our browser works exactly like any other. We handle security seamlessly in the background, so you can focus on your work with greater confidence.
snapcraft: link to snapcraft.yaml if publicly available
upstream: GitHub - chromium/chromium: The official GitHub mirror of the Chromium source
upstream-relation: Private fork of Chromium with added features for enterprise customers
interfaces:
- browser-support / allow-sandbox: true:
  - request-type: installation, auto-connection
  - reasoning: We need to enable the browser’s native sandbox to further isolate between websites.
- system-files:
  - read:
    - /etc/machine-id
    - /proc/sys/kernel/arch
  - request-type: installation, auto-connection
  - reasoning: Enterprise policies would require logging of identity of endpoints connect remotely

store-requests-bot · May 8, 2025, 5:04pm

This request has been added to the queue for review by the @reviewers team.

ogra · May 8, 2025, 6:18pm

The /etc/machine-id path is already covered by audio-playback, which i assume you will be adding anyway given this is a browser …

I’d have expected /proc/sys/kernel/arch to already be covered by the hardware-observe interface but oddly enough it is not there, even though the arch command itself is shipped in all base snaps and should be executable without any extra interfaces, have you considered using this instead of directly accessing /proc/sys/kernel/arch ?

mammoth-cyber · May 8, 2025, 7:41pm

I see. We will use these methods instead. Thank you for the pointers. Could you approve the browser sandbox permission?

ogra · May 8, 2025, 7:47pm

I’m not in the review team, but your request is in the queue (see the bot above) and should soon be processed by them…

cav · May 20, 2025, 1:34am

pending publisher vetting/account verification, +1 (#voteFor) from me for granting auto-connect of the browser-support interface similar to other browsers like vivaldi

mammoth-cyber · May 20, 2025, 8:34pm

Thank you for the approval. How do finish the “publisher vetting/account verification” part?

cav · May 21, 2025, 12:16am

hi @mammoth-cyber - Once the voting period has finished and we have enough votes to proceed with the request, we will ask you to complete this process: Verified Accounts as the upstream of this snap is closed-source. Thanks!

yomonokio · May 26, 2025, 11:24am

Hi @mammoth-cyber ! +1 (#voteFor) from me as well, for auto-connect access of the browser-support interface.

+2 votes for, 0 votes against, granting auto-connect of interface browser-support to diligence (#approve).

Since this is a private repo and there is no way to verify for us, the way forward is to get your account verified is through the Verified Accounts process that @cav mentioned above. Once that’s completed, we can proceed with granting access to the interface.

store-requests-bot · May 26, 2025, 11:24am

Voting period has ended. This request is approved with 2 votes for and 0 votes against.

mammoth-cyber · May 28, 2025, 11:42pm

Got you. Our request is posted here: Need to verify our account for Mammoth Cyber