I have the problem as described in the topic. While browsing the catalog tree using TBrowser I can see the content of some catalogs, but not the others. It’s not even about the *.root files but the content in general. I can see no files or sub-catalogs in some catalogs that I know are not empty. I have all the rights to open, read, and modify the content. This behavior confuses me a lot.
Does anyone have any idea what is the reason?
Root version from the Snap store.
ROOT Version: 6.30/04
Platform: Linux Mint 21.3
Compiler: linuxx8664gcc on Feb 03 2024, 23:12:12
From tags/v6-30-04@v6-30-04
With c++ (Ubuntu 11.4.0-1ubuntu1~22.04) 11.4.0
After some digging, I have found the reason. It’s because I use the root from the Snap Store, which is confined and so it has access only to my home directory, but not to other partitions mounted in “/media”. The solution is:
sudo snap connect root-framework:removable-media
Whoever is creating the Snap version of the root-framework might be interested in adding “removable-media” as the default interface beside the “home” interface.
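The diagnosis above can be scripted. The following is an added example, not part of the original posts or of the root-framework snap: it maps a path to the snap interface that would have to be connected for the confined ROOT to see it. The function names and the sample `snap connections` output are constructed for illustration, and the path rules assume the standard `home` and `removable-media` interface behaviour.

```shell
#!/bin/sh
# Constructed sample of `snap connections root-framework` output (not captured
# from a real system). A "-" in the Slot column means the plug is unconnected.
SAMPLE_CONNECTIONS='Interface        Plug                            Slot   Notes
home             root-framework:home             :home  -
removable-media  root-framework:removable-media  -      -'

# iface_connected IFACE: reads `snap connections` output on stdin and
# succeeds only if IFACE is listed with a connected slot.
iface_connected() {
    awk -v i="$1" 'NR > 1 && $1 == i && $3 != "-" { ok = 1 } END { exit !ok }'
}

# needed_iface PATH HOME: prints the interface that covers PATH, or "none".
needed_iface() {
    home=${2:-$HOME}
    case $1 in
        /media/*|/run/media/*|/mnt/*) echo removable-media ;;
        "$home"/.*) echo none ;;   # hidden top-level entries (e.g. ~/.ssh) stay blocked
        "$home"/*)  echo home ;;
        *)          echo none ;;
    esac
}

# explain_path PATH CONNECTIONS_TEXT HOME: one-line verdict for PATH.
explain_path() {
    iface=$(needed_iface "$1" "$3")
    if [ "$iface" = none ]; then
        echo "blocked: neither home nor removable-media covers $1"
    elif printf '%s\n' "$2" | iface_connected "$iface"; then
        echo "allowed: $iface is connected"
    else
        echo "blocked: run 'sudo snap connect root-framework:$iface'"
    fi
}

# Live use: pass a path as the first argument to check the installed snap.
[ $# -eq 0 ] || explain_path "$1" "$(snap connections root-framework)" "$HOME"
```

A directory that looks empty in TBrowser while `ls` shows its content from a normal shell is the typical symptom of the "blocked" cases.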
The reason this isn’t done by default (in line with general Snap policies) is that $HOME has a default level of protection: top-level hidden folders like ~/.ssh, for example, are blocked even when access to e.g. Documents isn’t.
Media doesn’t have this same protection. If a folder is mounted under /media and the permission is given to grant it, the entire drive is accessible. For cases like ourselves that makes sense a lot of the time as being in HPC and educational contexts, shared drives are common and will usually still have UNIX permissions applied.
In a broader context though, /media could be an entire operating system like Windows which might not have UNIX permissions and effectively becomes fair game for any user to access, including all secrets and other content that might be considered high sensitivity.
So while the permission can be activated automatically, I’d have to convince the Snap Store admins to do so, and I don’t expect they would agree given the audience.
The sandboxing is probably overkill generally but still nice to have in principle, for example, when the RCE with the Root 7 TBrowser was discovered, users of the Snap would have had mitigation, including e.g., people who don’t have removable-media connected would be cut off from direct network access to shared drives on a network, which is a very nice claim to be able to make (even if one you’d rather not be able to brag about).
That said, this might become less of an issue in the future since more dynamic permissions for Snaps are absolutely a work in progress (generally, not just ROOT), such as: