search

blissd / fotema

Photo gallery for Linux
81 stars 8 forks source link

Open containing folder behaves strangely #256

Open forteller opened 3 weeks ago

forteller commented 3 weeks ago

Clicking Open containing folder opens the file manager in a very weird directory. Here's the one opened on top and the one I expect on the bottom:

image

All the same images are there, so I have no idea if this is just a symlink kinda situation, or if Fotema creates duplicates of every photo or what is going on, but it's very strange and unexpected.

blissd commented 3 weeks ago

Hi @forteller. Thank you for your bug report. This is not a symlink nor is it a duplicate of your files. This is actually a known issue, but I'm not sure how to fix it right now.

The strange path is a trade off from allowing users to select a directory for their photo/video library. Fotema doesn't come with any file system permissions out of the box and is granted a dynamic permission for one root directory when you choose the photo library root. The permission comes from the XDG Documents Portal when the user chooses the library root directory, and the selected directory gets mounted (mostly permanently) under /run/user/$UID/doc/$DOC_ID/filename both inside and outside the running Flatpak app sandbox. I don't like this behaviour of the XDG Documents portal and find it confusing just like you do, but right now that is the trade-off Fotema is willing to make.

This approach gives Fotema minimal file system permissions so that users have greater protection in the theoretical case of Fotema opening a specially crafted malicious photo or video that allows code execution. At least, I hope that is the case as it is not something I know how to test.

The alternative, which would avoid the strange paths, is to give the Fotema the --filesystem=host which would allow access to all your data, which is far too much access in my opinion.

You can inspect your Flatpak installed apps to see what directories and files they have access to. I was very surprised when I found hundreds of documents! Try the command:

flatpak documents --columns=all

And to see Fotema's document access alone, try:

flatpak documents --columns=all app.fotema.Fotema

I'm sure I've seen some discussion somewhere about extending the XDG Documents Portal APIs to allow apps in the sandbox access to the real paths, but I don't think it exists yet. When it does, I'll update Fotema to use that when opening the containing folder.

blissd commented 3 weeks ago

Looks like this might be what Fotema needs: https://github.com/flatpak/xdg-desktop-portal/pull/1364

blissd commented 3 weeks ago

I see that the ASHPD library that Fotema uses for the XDG Documents Portal exposes a host_paths function.

forteller commented 3 weeks ago

I see. Thank you very much for taking the time to explain this so well!

Yeah, I really think they need to work on this. Flatpak needs to be totally noob friendly, to say it like the kids used to say in the 90s :P