On Wed, Jun 20, 2018 at 8:51 AM Neal Gompa <ngomp...@gmail.com> wrote:
> On Wed, Jun 20, 2018 at 8:47 AM Matthias Clasen <mcla...@redhat.com> > wrote: > > > > On Tue, Jun 19, 2018 at 11:04 AM Vladimir Panteleev < > projectato...@thecybershadow.net> wrote: > >> > >> Hello! > >> > >> A while ago, I was looking for a way to have bubblewrap'd programs open > >> files and URLs outside their container, and stumbled upon the Snap > >> project's snapd-xdg-open: > >> > >> https://github.com/snapcore/snapd-xdg-open > >> > > > > This looks very similar to https://github.com/flatpak/flatpak-xdg-utils, > which still exists and provides > > the same functionality for flatpak, by talking to the OpenURI portal. > > > > The key difference is that the Flatpak one requires portal > integration, while xdg-open-gateway does not. Trivially > confined/sandboxed applications who attempt to access xdg-open are > correctly redirected to the host to trigger the OpenURI action. > > Not sure what that means. Either it gives blanket access (then why have it ?) or it has to talk to some intermediary. If you call it a portal or not doesn't really matter that much. And I don't understand your point about conflicting with a script in the host /usr/bin at all - surely, that is not visible in the container ?
