New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Asking for (file access) permissions on-the-fly #674
Comments
Correct me if I'm wrong, but the file-choose portal and document-portal do exactly this. Firefox, for example, uses this, and you can select files in any local directory without it having access. |
Using those portals requires the application to be using libraries that support it (such as GTK 3 or 4, and similarly recent Qt versions). High-quality Flatpak applications usually do that. However, for proprietary apps like Slack where the maintainer of a Flatpak app is just repackaging someone else's proprietary binary, we do not get to choose how the app works - it is not under our control whether it uses the portals or not. If the application does its own browsing for files and does not talk to the portals, then there is not a whole lot that Flatpak can do to make this better. If an app like Slack has its own UI for browsing for a file to upload (does it?), then displaying that UI already requires it to be able to access directory listings for every directory that you might browse into, but the filenames in those directories are already something that you are likely to want apps to be unable to see. For instance, if you have The way this works with the file chooser portal is that the "Open..." or "Save as..." dialog is not part of the app, and can list all the filenames even though the app cannot. Only the selected file gets shared with the app, and only when you have finished browsing for it.
If the application has its own UI for browsing for a file to upload, we cannot tell the difference between the app listing the contents of a directory because you asked it to, and the app listing the contents of all directories in the background so that it can do evil things with that information. But I suspect you don't want this UX either:
... and even to be able to implement a UX that bad, someone would have to write a FUSE filesystem that we could mount instead of the entire home directory. |
Please keep in mind that Electron already supports these portals, so it's mostly a matter of Slack updating their Electron version to the latest. |
While the file chooser originally should have been working with Electron 14, 16 appears to have better support for some reason. electron/electron#31258 |
Can't this issue be closed? (unless it makes sense in the context of portals) |
Yeah, I think the answer is:
|
Hi, would it be possible to ask for permissions on-the-fly?
E.g. Slack has the issue that I cannot upload files from certain folders without having me overriding permissions on the CLI beforehand.
From a user's perspective, it would be nice if there would be a permission request dialog in such cases:
I'm thinking of an Android-like permission system.
The text was updated successfully, but these errors were encountered: