flathub / org.gaphor.Gaphor

https://flathub.org/apps/details/org.gaphor.Gaphor
Apache License 2.0

Full file system read/write access is considered potentially unsafe #91

Closed amolenaar closed 9 months ago

amolenaar commented 10 months ago

Flathub.org states that our app is potentially unsafe:

Screenshot 2023-12-01 at 13 47 10

Should we limit access to the home directory only?

@danyeaw What do you think?

danyeaw commented 10 months ago

Hey @amolenaar, that makes sense to me. Maybe the only thing I don't know about is something like saving to a USB drive.

amolenaar commented 10 months ago

Hmm.. If we restrict it to the home directory, it states "Home folder read/write access". Not sure if that's much better...

Gimp and Inkscape have the same "unsafe" condition listed.

It may be good enough to use Portals to access user data. Not sure if that requires extra configuration on our end.

amolenaar commented 10 months ago

If I drop the `--filesystem=host` option, I can open a model, but the path looks funny:

image

danyeaw commented 10 months ago

Closed by gaphor/gaphor#2891.

amolenaar commented 10 months ago

You want to drop filesystem permissions on our flathub image?

danyeaw commented 10 months ago

Hi @amolenaar, do you mean release a flatpak of Gaphor with these changes?

amolenaar commented 10 months ago

Yes (or the next release), where we remove filesystem permissions from the flatpak manifest.

danyeaw commented 10 months ago

Got it, I forgot we have to update the manifest in this repo as well.
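
The manifest change discussed in this thread, as an added example that is not code from the Gaphor project or from Flathub: a small Python audit that lists the `--filesystem` entries in a manifest's `finish-args` and flags the two broad grants named above (`host` and `home`). The sample manifest is constructed, and the function names and the "limited to" wording are assumptions.

```python
import json

# Constructed sample manifest fragment; NOT the real org.gaphor.Gaphor manifest.
SAMPLE_MANIFEST = """
{
  "app-id": "org.example.App",
  "finish-args": [
    "--share=ipc",
    "--socket=wayland",
    "--filesystem=host",
    "--filesystem=xdg-documents:ro"
  ]
}
"""

# Broad grants and the notice wording quoted in this issue thread.
BROAD = {"host": "Full file system", "home": "Home folder"}
SUFFIXES = ("ro", "rw", "create")


def parse_filesystem_arg(arg):
    """Split '--filesystem=LOCATION[:ro|:rw|:create]' into (location, mode)."""
    value = arg.split("=", 1)[1]
    location, sep, suffix = value.rpartition(":")
    if not sep or suffix not in SUFFIXES:
        # No recognised suffix: the whole value is the location, default read/write.
        location, suffix = value, "rw"
    return location, "read-only" if suffix == "ro" else "read/write"


def audit_filesystem_args(finish_args):
    """Return (location, finding) for every --filesystem entry in finish-args."""
    findings = []
    for arg in finish_args:
        if not arg.startswith("--filesystem="):
            continue
        location, mode = parse_filesystem_arg(arg)
        if location in BROAD:
            findings.append((location, f"{BROAD[location]} {mode} access"))
        else:
            findings.append((location, f"limited to {location} ({mode})"))
    return findings


def drop_broad_access(finish_args):
    """Remove host/home grants, leaving file access to portals (assumed goal)."""
    return [a for a in finish_args
            if not (a.startswith("--filesystem=")
                    and parse_filesystem_arg(a)[0] in BROAD)]


if __name__ == "__main__":
    args = json.loads(SAMPLE_MANIFEST)["finish-args"]
    for location, finding in audit_filesystem_args(args):
        print(f"{location}: {finding}")
    print(drop_broad_access(args))
```

Running it against a manifest before and after a permissions change shows which broad grants remain, which is a quick check to add to a release review.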