Runtime permissions for Snaps

I think we should have runtime permissions for snaps, just like Android. I think this will be helpful for both developers and policy reviewers, as it will eliminate the store requests for adding privileged interfaces to snaps.

Along with being able to manually connect interfaces to slots, the user can be automatically prompted to allow permissions when necessary during the usage of a snap.

This has been on the roadmap for quite a while, though I don't know at what priority. (Also note that a major part of snap installs is actually on headless devices, clouds or servers where you cannot interact easily with a user, so the review requirement will likely not go away completely.)

Permissions requests can still be prompted on the CLI.

How would you prompt for a snapped server?

And if you use the asynchronous snapd REST API via your fleet management software that manages the 5000 cell towers of your company?

This is really not an easy feature to implement, but it has long been on the “nice to have” list already …

Note that snaps are used in many, many commercial and often safety-critical setups and that the existing installs may never break. (You don’t really want that nuclear power plant cooling turbine to accidentally shut off because someone failed to confirm a new interface connection during an upgrade, nor do you want that medical device to stop monitoring the heart rate of a critical ICU patient.)