Open Bug 1837182 Opened 1 year ago Updated 1 year ago

Firefox installed as Snap should make clear it's sandboxed when using file:///

Categories

(Core :: Networking: File, defect, P2)

Product:
Core
Component:
Networking: File
Type:
defect

Tracking

()

People

(Reporter: sven, Unassigned)

References

(Blocks 1 open bug)

Details

(Whiteboard: [necko-triaged])

The Snap version of Firefox on Linux does not have full access to the host filesystem. This can lead to rather confusing behaviour, e.g. when you want to open a file from the command line using firefox /path/to/file.html, Firefox may not be able to access that file, or may even show a different content for the file than you are seeing in the terminal.

When browsing directories, there is no indication whether the directory you are looking at is from the host filesystem or the sandbox. On my machine (Ubuntu 23.04), /usr/share/doc appears to come from the host filesystem, while /usr/lib appears to be from the sandbox. It would be nice to be given some indication what I'm looking at when browsing local files and directories.

UI would probably have to appear in the directory listing interface, so moving to the network component for that, and linking up with the snap metabug.

Assignee: mozilla → nobody
Blocks: snap
Component: Distributions → Networking: File
Product: Firefox → Core

we dont control the UI, it's part of XDG Desktop Portal, so I dont know what we can do.

(In reply to Alexandre LISSY :gerard-majax from comment #2)

we dont control the UI, it's part of XDG Desktop Portal, so I dont know what we can do.

We control file directory listings inside the browser.

(In reply to :Gijs (he/him) from comment #3)

(In reply to Alexandre LISSY :gerard-majax from comment #2)

we dont control the UI, it's part of XDG Desktop Portal, so I dont know what we can do.

We control file directory listings inside the browser.

Not sure what you are relating to with file ?

Summary: Firefox installed as Snap should make clear it's sandboxed when browsing local files → Firefox installed as Snap should make clear it's sandboxed when using file:///

So, the directory index is generated from nsDirectoryIndexStream.cpp and that stream is parsed into a web page by nsIndexedToHTML.cpp

I'm not sure exactly how we can differentiate between files in the sandbox and files outside the sandbox.
@Sven, do you know if there's an API for that?

Severity: -- → S3
Flags: needinfo?(sven)
Priority: -- → P2
Whiteboard: [necko-triaged]

:valentin, sorry, I don't know anything about this. I suspect the filesystem sandboxing is implemented using Linux mount namespaces, and I don't think Linux will be very forthcoming when answering the question "Is this directory loop-mounted from the host fs?" You probably need to ask someone who knows how snaps work.

If it's not feasible to figure out whether a particular directory comes from the host or the sandbox, we could at least add a message that the directory listing might come from he sandbox whenever we detect that we are running inside a snap sandbox.

For what it's worth, you can run a shell inside the sandbox using snap run --shell firefox.firefox on a Linux box with the Snap installed.

Flags: needinfo?(sven)
You need to log in before you can comment on or make changes to this bug.