-
Notifications
You must be signed in to change notification settings - Fork 4
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Flatpak filesystem permissions #17
Comments
Hi, good you mention this.
It's used for various things, like the Lutris config, Heroic games Launcher, Fish shell variables and Steam Tinker Launch.
We thought of those files to. They are only used for Steam Tinker Launch, but are mandatory for it.
Some compatibility tools also require running code on the host, so even if it would not have access to the above folders, it still could edit them. |
I would prefer it that way, but again that's personal preference. Given it's not an oversight and you thought it through and accept the risk, it looks like there is nothing further I can add :) |
Yes, that would be good if you could set optional permissions and Flatpak would ask the user (on first launch), whether they want to allow them. I will close this issue for now. If there are any news on what can be improved, we can reopen it again. |
Hi there, I was just reviewing flatpak permissions of ProtonUp-Qt.
Most of the specified filesystem permissions make sense to me except a couple (which is why I started looking a bit more closely) and I just wanted to share my feedback.
.config
seems relatively "open" as many other applications create folders there as well.I haven't gone through all of the code but at a glance it looks like it could be scoped to
~/.config/steamtinkerlaunch
?This is more personal preference maybe but I don't really like applications editing these particular files to add their own entries.
It looks like the
*rc
references are used for adding/removingsteamtinkerlaunch
to the PATH.I will probably never use ProtonUp-Qt for anything other than installing or updating proton so for my particular case I can remove the permissions without breaking anything.
I understand why it might be necessary for compatibility with OStree systems though.
The text was updated successfully, but these errors were encountered: