How to get the snap-based chromium to access a separately mounted filesystem?

NEW INFORMATION: I still stand by my opinion (now in the section prefaced with "MY ORIGINAL ANSWER (trimmed down)", below) that Ubuntu should offer both snap and non-snap versions of its packages instead of forcing us all to use the snap versions. However, I also discovered how to bypass the containment restrictions of the existing snap-based package:

If the standard Ubuntu snap-based chromium package is installed, we can run the program like this:

/snap/chromium/current/usr/lib/chromium-browser/chrome [ ... args ... ]

This bypasses the containment restrictions.

MY ORIGINAL ANSWER (trimmed down):

(Editorializing deleted) I have followed a suggestion in the following discussion which explains how to disable the crippled, snap-based chromium and to install a version which offers full capabilities, including the ability to access the filesystems which I want to access: How to remove snap completely without losing the Chromium browser?

I didn't remove snap completely ... all I did was perform the part of this that was suggested by the user called "eitch" (around 75% down towards the bottom of that discussion). Using this non-snap version of chromium solves my problem.

(Editorializing deleted)

UPDATE: Yet another solution would be for Ubuntu to offer both snap-based and non-snap-based packages for software such as chromium, so that each of us users could individually decide whether we want the full, traditional functionality of the given packages, or whether we want to install snap-based versions of the packages which make use of containment and might therefore have lesser functionality than the older versions. (Editorializing deleted)

ANOTHER UPDATE: I have now investigated this behavior under flatpak and appimage, and programs that are run via these services seem to have no trouble accessing all of the partitions and files on my system that are accessible via the command line. This containment restriction which cripples chromium apparently only applies only to snap.

Snaps, by design, are sandboxed. A snap can be connected to "interfaces" to allow them to do specific things. No interfaces are foreseen to allow a snap to access system folders. Even if such interface would exist, the packagers of Chromium still would need to enable connecting the interface to the snap.

In general, you can have a snap access a specific folder (a "separately mounted file system" is, once it is mounted, just a folder structure) by a mount --bind of that folder under a folder where the snap has access.

Some snaps can be installed in "classic" mode. "Classic mode" removes all sandboxing, and hence all security. Installing in classic mode is only possible if the snap has been prepared for that. Publishing a classic snap requires manual approval of the snap store maintainers. Therefore, many snaps cannot be installed in classic mode.

Perhaps, however, you should reconsider your workflow: do you really need your browser to access /opt?

Start root shell by

env SHELL=/bin/bash sudo -s

Thereafter, to be able to use data under /opt in Chromium, do

snap connect chromium:removable-media
mkdir -p /media/opt
echo "/opt    /media/opt    none    bind" >>/etc/fstab
mount -a
exit

Then you should be able to use /opt via /media/opt in Chromium.

If you need only temporary access, replace the echo line and the mount line above by

mount --bind /opt /media/opt

To be able to use possible submounts, too, use rbind instead of bind.

You can use all mounted filesystems via /mnt/r/ by running

mount --rbind / /mnt/r

(as superuser) if directory /mnt/r exists.

See here for instructions on how to unmount an rbind mount.

Note that there may be security risks in mounting all the extra filesystems.

See here for information about the removable-media interface.

For similar reasons, I gave up on the snap-based Chromium and use Google Chrome instead (which comes as a .deb package). I can only recommend that.