@h3artbl33d Man, it takes like a minute to check that the first argument doesn't apply any more. GNOME Software warns you that Octave has full access to your home. And if you don't like it, you can disable the access (but most likely crippling the app). Not sure if the other argument applies. It's about old CVEs in runtimes which have been long EOL.
@fiery @h3artbl33d You want to run an app that needs access to your home and you don't like it, so maybe, only maybe you shouldn't use the app in the first place?
@fiery @h3artbl33d But it doesn't claim it runs in a sandbox. It says "Potentially Unsafe" and if you click it, it clearly says it has full access to your file system. There is not a single occurrence of the word "sandbox".
Let's sum it up. Flatpak offers granular file access permissions via XDG portals. GNU Octave doesn't support it and requires direct access to the file system. The app maintainers give it to it to make the app work. Flatpak/GNOME Software informs about it to allow you to make an educated decision. It even allows you (using Flatseal) to override the permissions and limit it to e.g. a specific folder.
But it gets the blame for lying and being insecure.
@sesivany @fiery @h3artbl33d The mistake here is using the word "safe" here. It's a charged word and creates misconceptions. Unfortunately, despite my potent misgivings about the verbiage, here we are.
The ability to manipulate Flatpak permissions was something that was brought up years ago too. One of the reasons why KDE Plasma has a panel in system settings to manipulate permissions for Flatpaks is to deal with this problem.
Users need the ability to grant and revoke any app permission.
@sesivany @fiery @h3artbl33d I wish that GNOME had taken the same approach and integrated Flatseal into GNOME Settings. It's a critical application for giving the user control over Flatpaks. It would also allow for use-cases like time-limited extra grants and such for static permissions.
@Conan_Kudo @sesivany @fiery @h3artbl33d I heartily agree. There are conversely some apps that didn't do what I needed them to do without access to more of $HOME, etc., and only became useful once I used Flatseal to allow that to happen. I'm of the opinion we should probably ship Flatseal by default at least for GNOME, despite the counter-argument of potential foot-rakes.
@fiery @h3artbl33d Most apps will work fine with flatpak permissions removed. The only issues could be removing the access to a part of the FS which is needed by the app, if you remove the internet access for a connected app (like an IM client), if you remove the compositor access to a graphic app, etc.
Flatpak permissions aren't that bad. I would have preferred if there was more granularity with Xorg (like not allowing sharing the whole screen), but that's an Xorg limitation.
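
As an added example, not part of the thread above and not code from Flatpak, GNOME Software or Flatseal: a small audit of an app's static permissions as declared in the `[Context]` section of its Flatpak metadata, plus the `flatpak override` command that narrows a broad home/host grant to one folder, as discussed in the thread. The metadata sample, the app ID `org.example.Calc`, the folder `~/calc-work` and the choice of what counts as a finding are assumptions made for illustration.

```python
import configparser

# Constructed sample in Flatpak's metadata keyfile format; the app ID and
# permission values are illustrative, not taken from a real app.
SAMPLE_METADATA = """\
[Application]
name=org.example.Calc

[Context]
shared=network;ipc;
sockets=x11;wayland;
filesystems=home;xdg-download:ro;
"""

BROAD = ("host", "home")  # grants covering at least the whole home directory


def _parse(text):
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(text)
    ctx = cp["Context"] if cp.has_section("Context") else {}
    # Keyfile lists are semicolon-separated with a trailing semicolon.
    values = lambda key: [v for v in ctx.get(key, "").split(";") if v]
    return cp.get("Application", "name", fallback="UNKNOWN"), values


def audit(text):
    """Return (findings, scoped): broad grants versus already-narrow paths."""
    _, values = _parse(text)
    findings, scoped = [], []
    for entry in values("filesystems"):
        location, _, mode = entry.partition(":")
        if location in BROAD:
            findings.append(f"full {location} access ({mode or 'rw'})")
        else:
            scoped.append(entry)
    findings += [f"{s} socket" for s in values("sockets") if s == "x11"]
    findings += [f"{s} access" for s in values("shared") if s == "network"]
    return findings, scoped


def override_command(text, folder):
    """Build a per-user override replacing broad grants with one folder."""
    app_id, values = _parse(text)
    broad = [e.partition(":")[0] for e in values("filesystems")]
    drops = [f"--nofilesystem={loc}" for loc in broad if loc in BROAD]
    return " ".join(["flatpak", "override", "--user", *drops,
                     f"--filesystem={folder}", app_id])


if __name__ == "__main__":
    print(audit(SAMPLE_METADATA))
    print(override_command(SAMPLE_METADATA, "~/calc-work"))
```

The generated command only changes the current user's overrides; an app that reads files outside the remaining folder will fail to open them until the grant is widened again.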