Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: snapd (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1963861
Title
I'm seeing this dialog when clicking a mailto: link in the firefox snap
(see attached screenshot). Are you seeing something different? What's
the value associated to the mailto scheme in about:preferences (under
the "Applications" section)?
** Changed in: firefox (Ubuntu)
Status: New => Inc
While I don't have an immediate exploit, attackers tricking a user to
start applications does feel like in should be classified as a security
bug.
I've _never_ gotten asked what application to start for a given uri
scheme.
--
You received this bug notification because you are a member of Ubuntu
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
@alexmurray that code has never listed or show which application would
handle given URL scheme. The change affected the implementation of
io.snapcraft.Launcher, which is only called as a fallback when a snap
calls xdg-open inside it's namespace. The primary handler that is tried
goes through the de
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1963861
Title:
Can't tell what application will be launched with custom schemes
To
