snapd interfaces/desktop: allow reading files extracted by an unconfined file-roller in a temporary place (LP: #1968548)

interfaces/desktop: allow reading files extracted by an unconfined file-roller in a temporary place (LP: #1968548)

Open oSoMoN opened this issue 2 years ago • 1 comments

Jun 16 '22 20:06 oSoMoN

I'm not sure whether this is acceptable from a security perspective, as this means that any strictly confined snap can access files temporarily extracted by an unconfined file-roller, even if they were intended to be opened by another application.

But I'm failing to see a cleaner approach to solving LP: #1968548, so I'm submitting this PR in the hope that it will foster a discussion that might result in a suitable fix.

Jun 16 '22 20:06 oSoMoN

snapd snapd copied to clipboard

interfaces/desktop: allow reading files extracted by an unconfined file-roller in a temporary place (LP: #1968548)

snapd
snapd copied to clipboard