Integration between Linux app and Snap Firefox

2»

Comments

  • wimvmourik
    wimvmourik
    Community Member

    I am about to/trying to move from Kubuntu 22.04 to 24.04.1 (which came out yesterday).
    The release upgrade script is telling me that only Firefox via Snap shall be an option; I am not given a choice to keep the .deb as installation option.
    Since the upgrade failed and I had to rollback (thanks snapshots!), I cannot yet check whether I could still manually switch back from the snap to a .deb installation, after the upgrade.
    The point being; Ubuntu is pushing snaps more agressively; please explain where we stand regarding the integration between the browser plugin and the local installation.

  • adfhogan
    adfhogan
    Community Member

    There are multiple threads..

    • There are still .debs available from other places other than Ubuntu themselves.
    • You can remove the snap and their deb that installs the snap, and switch to third party debs (like Mozilla) if you like
    • 1Password still doesn't have snap integration, as the way they verify the invoking browser process doesn't support snaps due to the way they sandbox
    • If you use the snap version, you can use browser plugin standalone. It won't integrate with local instance of 1Password, but still works.
  • jbhardman
    jbhardman
    Community Member
    edited November 7

    I hesitate to comment, because the answer has just been no for so long. But, I wanted to comment that snap browser integration is now available in Firefox with Gnome Extensions. It asked me for permissions and then just worked.
    Likewise, I was asked for permission for 1Password... but nothing happened. The integration did not work. So it seems like the permission framework is there but not fully connected with the 1Password app. Not sure what needs to happen to allow that through, like they did for Gnome Extensions.

  • mhalano
    mhalano
    Community Member

    I think Gnome Extensions uses Native Messaging to communicate, but I think 1Password doesn't use it, maybe they use an internal solution to do this communication between the app and the browser.

  • adfhogan
    adfhogan
    Community Member

    The impression I've gotten is that 1Password has an internal process for verifying that the calling process (the browser) is authorised and/or can be verified by the 1Password app, such that a malicious program couldn't just drain 1Password's store the moment the user unlocked it... and it's the sandboxing that snaps do that prevents the 1Password app from seeing through to the 1Password browser plugin fully.

    There are ways to whitelist snaps to get access to things, but I wonder if the way this can be done, and the way that Ubuntu does the snap perhaps don't play nicely?

    Either way, it would be nice for an update from the 1Password devs on this beyond "not yet" :)