Open hadess opened 4 years ago
tsdgeos
commented
4 years ago What would actually be useful is for flatpak to provide a way to give this information to the end user.
A normal user won't go to github to read a comment in the manifest to figure out why a an special privilege is needed.
hadess
commented
4 years ago But we could still start with that...
tsdgeos
commented
4 years ago I honestly prefer more the Readme.md route that @Siosm is proposing in https://github.com/flathub/org.kde.ark/pull/2
How do you feel about that?
hadess
commented
4 years ago Explained in the manifest means that it's easier to keep in sync. At this point, I don't really care where it gets explained as long as it does. There aren't a lot of legitimate reasons to punch a hole for NetworkManager (which means that you could do in kontact everything you could do in the network settings panel of your desktop environment), and knowing why it can't live without it is the most important thing.
tsdgeos
commented
4 years ago Ah, i didn't realize you thought this was a bug until reading your last comment.
kontact needs to know whether you're online or not since it has this feature in which if you're not online, it doesn't try to send emails/sync calendars/etc because otherwise you'd get zillions of "failed to connect to your server" dialogs.
Is that a legitimate reason to punch a hole for NetworkManager for you?
hadess
commented
4 years ago Is that a legitimate reason to punch a hole for NetworkManager for you?
Not really, as there's a portal available for that. Right now, it means the application can connect to any Wi-Fi access point it wants, or change the DNS settings, without any user involvement. It probably shouldn't be allowed to do that.
@grulja is that something that's easily accessible from Qt/KDE libraries?
tsdgeos
commented
4 years ago Right now, it means the application can connect to any Wi-Fi access point it wants, or change the DNS settings, without any user involvement. It probably shouldn't be allowed to do that.
Thankfully Kontact is free software and we know it doesn't do that :)
hadess
commented
4 years ago Thankfully Kontact is free software and we know it doesn't do that :)
There's never ever any security issues in any of the libraries that it uses? The point of sandboxing applications is making sure that it doesn't happen, even inadvertently.
tsdgeos
commented
4 years ago You opened a bug saying "Explain Networkmanager permssion".
Now you got your explanation, that should be enough to close this bug.
If what you want is "Kontact should use this portal", you should go to bugs.kde.org and file a bug about it.
grulja
commented
4 years ago Is that a legitimate reason to punch a hole for NetworkManager for you?
Not really, as there's a portal available for that. Right now, it means the application can connect to any Wi-Fi access point it wants, or change the DNS settings, without any user involvement. It probably shouldn't be allowed to do that.
@grulja is that something that's easily accessible from Qt/KDE libraries?
Nope, Kontact would need to use either the portal directly or use Qt/NetworkManager-qt, but none of them goes through the portal as of now so using NetworkMananager over DBus would be still required.
A comment in the manifest would be useful to know why a hole is punched in the sandbox to access NetworkManager.