Public bug reported: I'm a Firefox user who uses Chromium for certain google websites.
I like to run Chromium in a sandbox so that the "Downloads" folder is the only file system location Chromium can see. In Ubuntu 19.04, I could achieve this with: sudo apt install chromium-browser firejail ; firejail chromium-browser In Ubuntu 19.10, Chromium is only offered as a snap package: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1847092 Firejail, doesn't work with Chromium's snap package installation: https://askubuntu.com/questions/1178995 The snap installation's degree of isolation seems to be controlled by the developer of snap package. Since firejail no longer works for achieving this degree of isolation, I'm requesting that the Snap Package Maintainer (of Chromium), provide an alternative installation that only give Chromium access to the "Downloads" folder exclusively. ProblemType: Bug DistroRelease: Ubuntu 19.10 Package: chromium-browser (not installed) ProcVersionSignature: Ubuntu 5.3.0-13.14-generic 5.3.0 Uname: Linux 5.3.0-13-generic x86_64 NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair ApportVersion: 2.20.11-0ubuntu7 Architecture: amd64 CurrentDesktop: ubuntu:GNOME Date: Mon Oct 7 08:15:38 2019 InstallationDate: Installed on 2019-10-06 (0 days ago) InstallationMedia: Ubuntu 19.10 "Eoan Ermine" - Beta amd64 (20191001.2) ProcEnviron: TERM=xterm-256color PATH=(custom, no user) XDG_RUNTIME_DIR=<set> LANG=en_US.UTF-8 SHELL=/bin/bash SourcePackage: chromium-browser UpgradeStatus: No upgrade log present (probably fresh install) ** Affects: chromium-browser (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug eoan snap ** Description changed: I'm a Firefox user who uses Chromium for certain google websites. I like to run Chromium in a sandbox so that the "Downloads" folder is the only file system location Chromium can see. In Ubuntu 19.04, I could achieve this like: sudo apt install chromium-browser firejail ; firejail chromium-browser - In Ubuntu 19.10, firejail cannot work with the Chromium's new snap installation method: + In Ubuntu 19.10, Chromium is only offered as a snap package: + https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1847092 + + Firejail, doesn't work Chromium's snap package installation: https://askubuntu.com/questions/1178995 - The snap installation's degree of isolation seem to be controlled by the - developer of snap package. + The snap installation's degree of isolation seems to be controlled by + the developer of snap package. - Since firejail no longer works for achieving this degree of isolation, I - requesting that the Snap Package Maintainer (of Chromium), provide an - alternative installation that only give Chromium access to the + Since firejail no longer works for achieving this degree of isolation, + I'm requesting that the Snap Package Maintainer (of Chromium), provide + an alternative installation that only give Chromium access to the "Downloads" folder exclusively. ProblemType: Bug DistroRelease: Ubuntu 19.10 Package: chromium-browser (not installed) ProcVersionSignature: Ubuntu 5.3.0-13.14-generic 5.3.0 Uname: Linux 5.3.0-13-generic x86_64 NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair ApportVersion: 2.20.11-0ubuntu7 Architecture: amd64 CurrentDesktop: ubuntu:GNOME Date: Mon Oct 7 08:15:38 2019 InstallationDate: Installed on 2019-10-06 (0 days ago) InstallationMedia: Ubuntu 19.10 "Eoan Ermine" - Beta amd64 (20191001.2) ProcEnviron: - TERM=xterm-256color - PATH=(custom, no user) - XDG_RUNTIME_DIR=<set> - LANG=en_US.UTF-8 - SHELL=/bin/bash + TERM=xterm-256color + PATH=(custom, no user) + XDG_RUNTIME_DIR=<set> + LANG=en_US.UTF-8 + SHELL=/bin/bash SourcePackage: chromium-browser UpgradeStatus: No upgrade log present (probably fresh install) ** Description changed: I'm a Firefox user who uses Chromium for certain google websites. I like to run Chromium in a sandbox so that the "Downloads" folder is the only file system location Chromium can see. In Ubuntu 19.04, I could achieve this like: sudo apt install chromium-browser firejail ; firejail chromium-browser In Ubuntu 19.10, Chromium is only offered as a snap package: - https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1847092 + https://discourse.ubuntu.com/t/call-for-testing-chromium-browser-deb-to-snap-transition/11179 Firejail, doesn't work Chromium's snap package installation: https://askubuntu.com/questions/1178995 The snap installation's degree of isolation seems to be controlled by the developer of snap package. Since firejail no longer works for achieving this degree of isolation, I'm requesting that the Snap Package Maintainer (of Chromium), provide an alternative installation that only give Chromium access to the "Downloads" folder exclusively. ProblemType: Bug DistroRelease: Ubuntu 19.10 Package: chromium-browser (not installed) ProcVersionSignature: Ubuntu 5.3.0-13.14-generic 5.3.0 Uname: Linux 5.3.0-13-generic x86_64 NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair ApportVersion: 2.20.11-0ubuntu7 Architecture: amd64 CurrentDesktop: ubuntu:GNOME Date: Mon Oct 7 08:15:38 2019 InstallationDate: Installed on 2019-10-06 (0 days ago) InstallationMedia: Ubuntu 19.10 "Eoan Ermine" - Beta amd64 (20191001.2) ProcEnviron: TERM=xterm-256color PATH=(custom, no user) XDG_RUNTIME_DIR=<set> LANG=en_US.UTF-8 SHELL=/bin/bash SourcePackage: chromium-browser UpgradeStatus: No upgrade log present (probably fresh install) -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to chromium-browser in Ubuntu. https://bugs.launchpad.net/bugs/1847092 Title: Sandboxing Chromium Snap without FireJail Status in chromium-browser package in Ubuntu: New Bug description: I'm a Firefox user who uses Chromium for certain google websites. I like to run Chromium in a sandbox so that the "Downloads" folder is the only file system location Chromium can see. In Ubuntu 19.04, I could achieve this with: sudo apt install chromium-browser firejail ; firejail chromium-browser In Ubuntu 19.10, Chromium is only offered as a snap package: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1847092 Firejail, doesn't work with Chromium's snap package installation: https://askubuntu.com/questions/1178995 The snap installation's degree of isolation seems to be controlled by the developer of snap package. Since firejail no longer works for achieving this degree of isolation, I'm requesting that the Snap Package Maintainer (of Chromium), provide an alternative installation that only give Chromium access to the "Downloads" folder exclusively. ProblemType: Bug DistroRelease: Ubuntu 19.10 Package: chromium-browser (not installed) ProcVersionSignature: Ubuntu 5.3.0-13.14-generic 5.3.0 Uname: Linux 5.3.0-13-generic x86_64 NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair ApportVersion: 2.20.11-0ubuntu7 Architecture: amd64 CurrentDesktop: ubuntu:GNOME Date: Mon Oct 7 08:15:38 2019 InstallationDate: Installed on 2019-10-06 (0 days ago) InstallationMedia: Ubuntu 19.10 "Eoan Ermine" - Beta amd64 (20191001.2) ProcEnviron: TERM=xterm-256color PATH=(custom, no user) XDG_RUNTIME_DIR=<set> LANG=en_US.UTF-8 SHELL=/bin/bash SourcePackage: chromium-browser UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1847092/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
