Why are interfaces shown in aggregate, not per app in the yaml?

Consider the following yaml snippet:

name: mycroft

...

apps:
  bus:
    command: ...
    plugs:
    - network
    - network-bind

  skills:
    command: ...
    plugs:
    - network

  audio:
    command: ...
    plugs:
    - pulseaudio
    - network

  voice:
    command: ...
    plugs:
    - pulseaudio
    - network

When building this snap, installing, and then issuing snap interfaces I only see the interfaces in aggregate for the whole snap:

Slot           Plug
:network       mycroft
:network-bind  mycroft
:pulseaudio    mycroft

  • Why are the different apps in my yaml not individually shown with their unique plug assignments?
  • Are the apps receiving the aggregated permissions from all the snap’s plugs even though I’ve specifically restricted them from being assigned universally?
  • If the apps all receive the same set of plugs then why are we able to assign them individually per app inside the snap?

Interfaces allow snaps to access more resources than the sandbox allows by default. As such they represent some sort of trust between the user and the snap (and its maker).

If a snap gets access to an interface, say, network, the snap as a whole has access. The snap developer may choose to scope the interface to a specific application for better privilege separation but users cannot make trust decisions based on this aspect as it is trivial for two snap applications (one with network access and another one without network access) to communicate internally. As such this cannot be used to ensure that privilege separation exists between two applications in one snap.

For the purpose of informing users we could expose this somehow but it should not be displayed by default and cannot be used to say that a certain application cannot access a given resource for the reason stated above.
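
For anyone reviewing a snap's yaml, the per-app scoping and the snap-wide view that snap interfaces prints can be put side by side. This is an added example, not part of the original posts and not snapd's own code; the function names and the small parser (which handles only the yaml shape shown in the question) are assumptions. As the answer explains, the per-app view shows the developer's scoping only and is not a boundary to base trust decisions on.

```python
# Constructed sample: the yaml from the question, elisions kept as posted.
SNAP_YAML = """\
name: mycroft
apps:
  bus:
    command: ...
    plugs:
    - network
    - network-bind
  skills:
    command: ...
    plugs:
    - network
  audio:
    command: ...
    plugs:
    - pulseaudio
    - network
  voice:
    command: ...
    plugs:
    - pulseaudio
    - network
"""

def per_app_plugs(text):
    """Map app -> plugs in its stanza (handles only this simple yaml shape)."""
    apps, app, in_apps, in_plugs = {}, None, False, False
    for line in filter(str.strip, text.splitlines()):
        indent, body = len(line) - len(line.lstrip()), line.strip()
        if indent == 0:                      # top-level key: entering or leaving apps
            in_apps, app, in_plugs = body == "apps:", None, False
        elif in_apps and indent == 2:        # a new app stanza
            app, in_plugs = body.rstrip(":"), False
            apps[app] = []
        elif app and in_plugs and body.startswith("- "):
            apps[app].append(body[2:].strip())
        elif app:                            # any other key ends the plugs list
            in_plugs = body == "plugs:"
    return apps

def aggregate(apps):  # snap-wide set, the view `snap interfaces` lists
    return sorted({p for plugs in apps.values() for p in plugs})

def apps_without(apps, plug):  # apps whose own stanza omits a snap-wide plug
    return sorted(a for a, plugs in apps.items() if plug not in plugs)

if __name__ == "__main__":
    apps = per_app_plugs(SNAP_YAML)
    print("snap-wide:", aggregate(apps))
    print("stanza omits pulseaudio:", apps_without(apps, "pulseaudio"))
```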