flathub / org.zaproxy.ZAP

https://flathub.org/apps/details/org.zaproxy.ZAP

Excessive permissions "Host" #14

Open kuflierl opened 2 weeks ago

kuflierl commented 2 weeks ago

Zaproxy doesn't need filesystem permissions as broad as "host". Limiting the default permissions is a good idea.

kingthorin commented 2 weeks ago

We are far from flatpak pros, the pak is provided for convenience. Feel free to open a PR.

thc202 commented 2 weeks ago

--filesystem=host so any other browser headless or otherwise (of course a lot to account for) can be called for use as well as the use of custom tools defined by users in the "Applications" sub menu.

https://github.com/flathub/org.zaproxy.ZAP/commit/7fabcd05fe41408d3199abf695476a3109ee51ba

kuflierl commented 2 weeks ago

I could see that intent, though it's not how you are supposed to do it. Even if you have access to all of the binaries and config, browsers need extra fluff around browsers to make them run in a sandbox, like zypak. The proper way to solve this would be to use "flatpak-spawn --host" for application calls and portals for the browser links (BROWSE) feature.

Even in the configuration with --filesystem=host it doesn't even currently work due to the host filesystem being mounted in /run/host. (Browser isn't called)

psiinon commented 2 weeks ago

@kuflierl thanks for the feedback - as you can see, we're not flatpak experts. PRs to the code and docs would be appreciated. I'm all for this being fixed, but it's nowhere near the top of my priority list, so if I need to go in and work out exactly what needs to be done then it will probably be a long time before I can get around to it :/
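
An added example, not part of the thread or of the ZAP Flatpak repository: a shell check over Flatpak permission metadata for the broad filesystem grant discussed here. It also flags talk access to `org.freedesktop.Flatpak`, the session-bus name that `flatpak-spawn --host` depends on, because that access lets the app run commands on the host. The function name and the sample metadata are constructed for illustration.

```shell
#!/bin/sh
# Reads Flatpak permission metadata (keyfile text, as printed by
# `flatpak info --show-permissions APP_ID`) on stdin, prints one finding per
# line, and returns 1 if anything was flagged, 0 otherwise.
audit_flatpak_permissions() {
    awk '
        /^\[.*\]$/ { section = $0; next }      # track the current keyfile group
        section == "[Context]" && /^filesystems=/ {
            sub(/^filesystems=/, "")
            n = split($0, entries, ";")
            for (i = 1; i <= n; i++) {
                fs = entries[i]
                sub(/:(ro|rw|create)$/, "", fs)   # drop the access-mode suffix
                if (fs == "host" || fs == "host-os" || fs == "host-etc" || fs == "home") {
                    print "broad-filesystem: " entries[i]
                    found = 1
                }
            }
        }
        # Talking to this bus name is what `flatpak-spawn --host` relies on.
        section == "[Session Bus Policy]" && /^org\.freedesktop\.Flatpak=(talk|own)$/ {
            print "host-command-access: " $0
            found = 1
        }
        END { exit (found ? 1 : 0) }
    '
}

# Constructed sample: the grant this issue is about.
SAMPLE_HOST='[Context]
shared=network;ipc;
sockets=x11;pulseaudio;
filesystems=host;
'
# Constructed sample: narrow filesystem access, but host command execution.
SAMPLE_SPAWN='[Context]
shared=network;ipc;
filesystems=xdg-download;

[Session Bus Policy]
org.freedesktop.Flatpak=talk
'
# Constructed sample: nothing to flag.
SAMPLE_TIGHT='[Context]
shared=network;ipc;
filesystems=xdg-download:ro;
'
for sample in "$SAMPLE_HOST" "$SAMPLE_SPAWN" "$SAMPLE_TIGHT"; do
    printf '%s' "$sample" | audit_flatpak_permissions || true
done
```

Against an installed app, pipe the output of `flatpak info --show-permissions org.zaproxy.ZAP` into the function.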