I’m writing here because I have a strange permission problem with the Syncthing Snap.
Syncthing is a p2p file synchronisation program, I use it to sync documents, photo and fonts across all my devices.
On my new laptop, I recently installed it under Ubuntu Gnome 17.04 who is providing Syncthing as a Snap Package.
As I described the problem in details here : https://forum.syncthing.net/t/cant-share-a-hidden-folder/9830/5
Somehow, Syncthing seems to not have access to hidden folders within my home folder. In this case, it claims not having the permission to acess ~/.fonts although this folder have the same permission as other synced folders.
Could this be a limitation due to the Snap Sandbox? If so, is there a way to fix this permission problem?
As I mentioned in the syncthing forum, I see the syncthing case very similar to the editors. We need to read and write files in locations chosen by the users, and sometimes those users will want to access sensitive locations. Some parts of that are being discussed here:
The summary is that yes, this is the snap sandbox preventing arbitrary system access. The home interface provides access to files in $HOME, but it doesn’t grant open access to dotted files and directories because those often contain very sensitive information that we cannot hand off to arbitrary applications.
Per @elopio’s note above, we’ll probably offer a more general solution to open up specified paths to specific snaps in the short to medium term. This was just made much easier now that we’ve just finished the dynamic manipulation of paths inside the sandbox, so perhaps we can address it soon.