tchx84 / Flatseal

Manage Flatpak permissions
GNU General Public License v3.0

Flatseal doesn't match flatpak semantics for user/system permission interactions #565

Open ssokolow opened 10 months ago

ssokolow commented 10 months ago

I just noticed that I had an application (org.gottcode.FocusWriter) which Flatseal said was filesystem=!host, but it could still see xdg-documents. I only noticed this because I was trying to figure out how it was able to persist opened files across sessions when I didn't see any of the paths in the flatpak documents output.

I eventually discovered it was because of this configuration tweak I'd somehow set and forgotten about:

% flatpak override org.gottcode.FocusWriter --user --show                       
[Context]
filesystems=!home;
% flatpak override org.gottcode.FocusWriter --show                              
[Context]
filesystems=xdg-documents;!host;

This seems like an easy way for a Flatseal user to be lulled into thinking something isn't granted when it actually is.

tchx84 commented 10 months ago

Hey @ssokolow, currently Flatseal only works with user overrides. If you mix with system-level manual overrides Flatseal won't be able to reflect that.

ssokolow commented 10 months ago

I don't want to change system-level overrides. I just think it's dangerously misleading to not either acknowledge them or have a big warning that they're not ignored.

It makes it far too easy for the user to assume that Flatseal can be trusted as an overview of what permissions have been granted.
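The mismatch reported in this thread can be reproduced as an audit check. The following is an added example, not part of the thread and not Flatpak or Flatseal code. It uses a simplified model of override layering (system layer first, then user layer, `!path` revoking only that path) and ignores the application's own metadata; the function names are hypothetical and the sample keyfiles are constructed from the output quoted in the first comment.

```python
import configparser

# Constructed samples mirroring the two override layers quoted in the issue.
SYSTEM_OVERRIDE = "[Context]\nfilesystems=xdg-documents;!host;\n"
USER_OVERRIDE = "[Context]\nfilesystems=!home;\n"


def parse_filesystems(keyfile_text):
    """Return the [Context] filesystems entries of one override keyfile."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.optionxform = str  # keep key case as written
    cp.read_string(keyfile_text)
    raw = cp.get("Context", "filesystems", fallback="")
    return [e.strip() for e in raw.split(";") if e.strip()]


def apply_layer(state, entries):
    """Apply one layer: '!path' revokes path, 'path[:mode]' grants it."""
    state = dict(state)
    for entry in entries:
        if entry.startswith("!"):
            state[entry[1:].split(":")[0]] = None
        else:
            path, _, mode = entry.partition(":")
            state[path] = mode or "rw"  # assumed default: read-write
    return state


def audit(system_text, user_text):
    """Compare the user-only view with the system+user merge."""
    user_only = apply_layer({}, parse_filesystems(user_text))
    merged = apply_layer(apply_layer({}, parse_filesystems(system_text)),
                         parse_filesystems(user_text))
    effective = {p: m for p, m in merged.items() if m}
    # Grants in effect that a user-layer-only view would not show.
    hidden = {p: m for p, m in effective.items() if not user_only.get(p)}
    return effective, hidden


if __name__ == "__main__":
    effective, hidden = audit(SYSTEM_OVERRIDE, USER_OVERRIDE)
    print("effective grants:", effective)
    print("granted outside the user layer:", hidden)
```

To check a real application, pass in the text printed by the two `flatpak override ... --show` commands shown in the first comment.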