sergiusens / snapcraft-preload

Use smart preloading in your snaps to avoid hard coded parts that would fail security.

Getpw support #10

Open 3v1n0 opened 7 years ago

3v1n0 commented 7 years ago

When getpw functions are used, they return the user home path in the pw_dir field.

This value should instead point to the snap user data dir.

3v1n0 commented 7 years ago

To be fair, I'm not sure this is the best way to solve this... as the snap could still have the real home access, although not being able to access dotted files.

In fact, my best way to redirect this was to only do this if the home was not readable, or to redirect any $HOME/.dotted request to $SNAP_USER_DATA/.dotted if the first one was not accessible. But unfortunately, due to this AppArmor bug, access gives false-positive results, unless you don't really try to fopen or opendir, which I guess is something we don't want to do.
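The pw_dir rewrite requested in this issue, sketched as an added example (not code from snapcraft-preload or from this thread). The names `snap_home_for`, `snap_fixup_passwd` and `snap_getpwuid` are hypothetical, and redirecting only the calling user's entry is an assumption; a preload library would export the wrapper as `getpwuid` and resolve the real function with `dlsym(RTLD_NEXT, "getpwuid")`.

```c
#define _POSIX_C_SOURCE 200809L
#include <pwd.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Hypothetical helper: choose the directory to report as pw_dir.
 * Only the calling user's entry is redirected (assumption), and only
 * when SNAP_USER_DATA holds an absolute path; otherwise the real home
 * is kept so lookups of other accounts stay truthful. */
static const char *snap_home_for(const struct passwd *pw, uid_t self)
{
    const char *data = getenv("SNAP_USER_DATA");
    if (pw == NULL)
        return NULL;
    if (pw->pw_uid != self || data == NULL || data[0] != '/')
        return pw->pw_dir;
    return data;
}

/* Hypothetical helper: copy *src into *dst with pw_dir replaced.
 * The path is copied into caller-owned storage, so libc's static
 * record is never written to and a later setenv() cannot leave
 * pw_dir dangling. Returns 0 on success, -1 if nothing was copied. */
static int snap_fixup_passwd(const struct passwd *src, uid_t self,
                             struct passwd *dst, char *buf, size_t buflen)
{
    const char *home = snap_home_for(src, self);
    if (home == NULL || strlen(home) >= buflen)
        return -1;
    *dst = *src;                       /* other fields alias src's strings */
    memcpy(buf, home, strlen(home) + 1);
    dst->pw_dir = buf;
    return 0;
}

/* Wrapper in the shape a preload shim would export as getpwuid().
 * Here it calls libc's getpwuid() directly so the file builds alone. */
struct passwd *snap_getpwuid(uid_t uid)
{
    static struct passwd copy;         /* same static-result contract */
    static char dir[4096];
    struct passwd *real = getpwuid(uid);
    if (real == NULL ||
        snap_fixup_passwd(real, getuid(), &copy, dir, sizeof dir) != 0)
        return real;                   /* fall back to the real record */
    return &copy;
}
```

The same fix-up would also have to sit behind `getpwnam` and the `_r` variants, since a caller can reach the same record through any of them.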