flathub / com.tutanota.Tutanota

https://flathub.org/apps/details/com.tutanota.Tutanota

Restrict directories #17

Open TheEvilSkeleton opened 3 years ago

TheEvilSkeleton commented 3 years ago

Continuing https://github.com/flathub/com.tutanota.Tutanota/pull/15#discussion_r515505314.

@charlag I've found a way to give it access to external devices!

It's easy, we just give it access to /run/media.

I can submit an MR to restrict host and home access while giving it access to directories that most people use.

TheEvilSkeleton commented 3 years ago

I just tested sending an email with a file in an external drive to myself, and it worked no problem.

charlag commented 3 years ago

I think it's up to the distro where to mount media. I think systemd mounts it to /run, but it's not a given.

TheEvilSkeleton commented 3 years ago

Most users will either use /run or /mnt for mounted external media. Allowing both permissions will prevent us from allowing access to host.

olof-nord commented 9 months ago

Here is a link to the docs: https://docs.flatpak.org/en/latest/sandbox-permissions.html#filesystem-access

What kind of external devices are meant here? USB memories and external hard drives?

As they might be mounted wherever the user chooses, that might need manual configuration via Flatseal, for example.

https://github.com/flatpak/flatpak/issues/2713

With --filesystem=host as in use today, most of the file system should be available.

Is this issue still open?
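Added example, not part of the thread or of the Flathub manifest: a small audit of the `[Context]` `filesystems=` key in Flatpak metadata, comparing the `host` grant mentioned above with the narrower `/run/media` and `/mnt` grants proposed in this issue. Both metadata strings are constructed samples, and the `xdg-documents:ro` entry is an assumption standing in for "directories that most people use".

```python
import configparser

# Grants that expose the whole host or home directory (the two the issue
# proposes to restrict).
BROAD = {"host", "home"}
# Mount points for external media named in the thread.
MEDIA = {"/run/media", "/mnt"}

# Constructed samples, not copied from the Tutanota Flatpak.
CURRENT = "[Context]\nfilesystems=host;\n"
PROPOSED = "[Context]\nfilesystems=/run/media;/mnt;xdg-documents:ro;\n"


def parse_filesystems(metadata_text):
    """Return (path, mode, negated) tuples from the [Context] filesystems key."""
    cp = configparser.ConfigParser(interpolation=None, delimiters=("=",), strict=False)
    cp.optionxform = str  # keep key case as written
    cp.read_string(metadata_text)
    raw = cp.get("Context", "filesystems", fallback="")
    entries = []
    for item in filter(None, (s.strip() for s in raw.split(";"))):
        # A leading "!" (as written by overrides) removes a grant.
        negated = item.startswith("!")
        item = item.lstrip("!")
        # Optional access suffix: :ro, :rw or :create. Default is read-write.
        path, sep, mode = item.rpartition(":")
        if not (sep and mode in ("ro", "rw", "create")):
            path, mode = item, "rw"
        entries.append((path, mode, negated))
    return entries


def audit(metadata_text):
    """Summarise broad grants and external-media grants that are in effect."""
    granted = [p for p, _, neg in parse_filesystems(metadata_text) if not neg]
    return {
        "broad": sorted(p for p in granted if p in BROAD),
        "media": sorted(p for p in granted if p in MEDIA),
    }


if __name__ == "__main__":
    for name, text in (("current", CURRENT), ("proposed", PROPOSED)):
        print(name, audit(text))
```
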