Open ssokolow opened 10 months ago
Hey @ssokolow , currently Flatseal only works with user overrides. If you mix with system-level manual overrides Flatseal won't be able to do reflect that.
I don't want to change system-level overrides. I just think it's dangerously misleading to not either acknowledge them or have a big warning that they're not ignored.
It makes it far too easy for the user to assume that Flatseal can be trusted as an overview of what permissions have been granted.
I just noticed that I had an application (
org.gottcode.FocusWriter
) which Flatseal said wasfilesystem=!host
, but it could still seexdg-documents
. I only noticed this because I was trying to figure out how it was able to persist opened files across sessions when I didn't see any of the paths in theflatpak documents
output.I eventually discovered it was because of this configuration tweak I'd somehow set and forgotten about:
This seems like an easy way for a Flatseal user to be lulled into thinking something isn't granted when it actually is.