This fix seems to break launching .jar files directly using the openjdk desktop files even when snap/containers are not involved. I.e. using /usr/share/applications/openjdk-21-java.desktop.
Is it possible to create a more comprehensive fix that specifically targets only the container escape? In my situation, I've added the execute bit outside of any snap (I do not have anything snap related on my system) and trust the .jar file. I don't believe my use case is unique. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2153100 Title: .jar MIME handler allows escaping Firefox's Snap sandboxing To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/mailcap/+bug/2153100/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
