If you disconnect home, what portions of the file system does Chromium have access to?
** Description changed: I'm a Firefox user who uses Chromium for certain google websites. I like to run Chromium in a sandbox so that the "Downloads" folder is the only file system location Chromium can see. In Ubuntu 19.04, I could achieve this with: sudo apt install chromium-browser firejail ; firejail chromium-browser In Ubuntu 19.10, Chromium is only offered as a snap package: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1847092 Firejail, doesn't work with Chromium's snap package installation: https://askubuntu.com/questions/1178995 The snap installation's degree of isolation seems to be controlled by the developer of snap package. Since firejail no longer works for achieving this degree of isolation, I'm requesting that the Snap Package Maintainer (of Chromium), provide - an alternative installation that only give Chromium access to the + an alternative installation that only gives Chromium access to the "Downloads" folder exclusively. ProblemType: Bug DistroRelease: Ubuntu 19.10 Package: chromium-browser (not installed) ProcVersionSignature: Ubuntu 5.3.0-13.14-generic 5.3.0 Uname: Linux 5.3.0-13-generic x86_64 NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair ApportVersion: 2.20.11-0ubuntu7 Architecture: amd64 CurrentDesktop: ubuntu:GNOME Date: Mon Oct 7 08:15:38 2019 InstallationDate: Installed on 2019-10-06 (0 days ago) InstallationMedia: Ubuntu 19.10 "Eoan Ermine" - Beta amd64 (20191001.2) ProcEnviron: TERM=xterm-256color PATH=(custom, no user) XDG_RUNTIME_DIR=<set> LANG=en_US.UTF-8 SHELL=/bin/bash SourcePackage: chromium-browser UpgradeStatus: No upgrade log present (probably fresh install) -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to chromium-browser in Ubuntu. https://bugs.launchpad.net/bugs/1847092 Title: Sandboxing Chromium Snap without FireJail Status in chromium-browser package in Ubuntu: Triaged Bug description: I'm a Firefox user who uses Chromium for certain google websites. I like to run Chromium in a sandbox so that the "Downloads" folder is the only file system location Chromium can see. In Ubuntu 19.04, I could achieve this with: sudo apt install chromium-browser firejail ; firejail chromium-browser In Ubuntu 19.10, Chromium is only offered as a snap package: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1847092 Firejail, doesn't work with Chromium's snap package installation: https://askubuntu.com/questions/1178995 The snap installation's degree of isolation seems to be controlled by the developer of snap package. Since firejail no longer works for achieving this degree of isolation, I'm requesting that the Snap Package Maintainer (of Chromium), provide an alternative installation that only gives Chromium access to the "Downloads" folder exclusively. ProblemType: Bug DistroRelease: Ubuntu 19.10 Package: chromium-browser (not installed) ProcVersionSignature: Ubuntu 5.3.0-13.14-generic 5.3.0 Uname: Linux 5.3.0-13-generic x86_64 NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair ApportVersion: 2.20.11-0ubuntu7 Architecture: amd64 CurrentDesktop: ubuntu:GNOME Date: Mon Oct 7 08:15:38 2019 InstallationDate: Installed on 2019-10-06 (0 days ago) InstallationMedia: Ubuntu 19.10 "Eoan Ermine" - Beta amd64 (20191001.2) ProcEnviron: TERM=xterm-256color PATH=(custom, no user) XDG_RUNTIME_DIR=<set> LANG=en_US.UTF-8 SHELL=/bin/bash SourcePackage: chromium-browser UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1847092/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
