Comment 50 for bug 1620771

Disclaimer: I’m no longer affiliated with snapd.

To the author of the last comment I have this advice: please keep on reading. Your understanding of the architectural reasons behind the /home limitation is widely incorrect. Your claims about security are equally off point.

I will give you the following hints:
- mount namespace configuration used by snapd to run snaps impacts /home
- semantics of symbolic links for apparmor
- apparmor profile used by snap-confine and particular snaps
- effective user transitions across snap run -> confine -> exec chain

Please look into those topic before making bold claims.
Good evening!