Hi all,
In the snap world, there is the concept of "classic confinement" [1]. In short, this is essentially an app delivered as a snap but not in a sandbox.
From the command-line, you install them like this:
$ sudo snap install atom
error: This revision of snap "atom" was published using classic confinement and thus may perform
arbitrary system changes outside of the security sandbox that snaps are usually confined to,
which may put your system at risk.
If you understand and want to proceed repeat the command including --classic.
$ sudo snap install --classic atom
In GNOME Software these currently fail to install [2] since we don't provide the flag to snapd to allow a snap to be unconfined.
We'd like to make them installable, but want some feedback on an appropriate method of warning the user. Current thinking is:
- We should mark them as classic / unconfined somehow to indicate to the user this. There's currently support to mark apps as sandboxed (GS_APP_KUDO_SANDBOXED and GS_APP_KUDO_SANDBOXED_SECURE), but this doesn't strongly hint to the user when an app not snadboxed should be considered more carefully. The details fields are too easily missed, so perhaps a banner / warning sign at the top?
- To match the same behaviour as the command line, we could show a pop-up box with the same text. However, pop-up boxes often get ignored... You can get away with this on the command line because the use of sudo implies a lot of trust by the user, it's less clear on the desktop to me.
Any thoughts?
--Robert
