How do snap applications, snappy security R/W restrictions, and user files work

permissions snap libreoffice

Snap commands (the binaries that the snap makes available to the system) are each associated with a set of "plugs" and "slots" which represent the ways the snap can "connect to other things".

There is a plug called "home" and if you associate that with your snap command then it will have read access to ~/ but not to dotfiles or dot-subdirectories (to avoid leaking things like .ssh/ credentials).

We are working to add the ability for the plug to explicitly list some dotfiles that it wants to read, for special cases, but the average app just needs "the documents in ~/" and the 'home' plug does that nicely.

I'm surprised that the libreoffice snap is not doing this already, either its a bug or I have misunderstood things somewhat :)

Related

How to point a hostname to an ip address
How to properly uninstall Ubuntu from dual boot? [duplicate]
How do I fix a bad PPA installed in Ubuntu? [duplicate]
Apport aptget returning E: Sub-process /usr/bin/dpkg returned an error code (1)
How to Repair Grub while dual booting ( win7 / ubuntu 11.10)
How to save and restore workspace in Ubuntu 20.04?
Question mark shown over ethernet icon
Can't install php7.3-gd on ubuntu 20.04
Copy and paste in in Tmux and Vim: have we reach a consensus?
How to save and restore a desktop layout in MATE
Automatically Start up in Chrome
How can I get sudo to accept my password?