Flatpak permissions precedence (lemmy.ml)

submitted 11 hours ago by [email protected] to c/[email protected]

4 comments fedilink hide all child comments

If I globally disable filesystem access to home (i.e. filesystems=!home;), and an app declared that it needs home/some-dir, do I need to explicitly prevent access or do my global settings take precedence?

top 4 comments

sorted by: hot top controversial new old

[-] [email protected] 2 points 6 hours ago

I don't know the answer for sure, but think the global settings are like default settings. Each application can have different overrides. Not sure if the following is the correct quote to make, but sounds like this is how it works: https://docs.flatpak.org/en/latest/flatpak-command-reference.html#flatpak-override

flatpak-override — Override application requirements

If the application ID APP is not specified then the overrides affect all applications, but the per-application overrides can override the global overrides.

I assume you know Flatseal (GUI application for Flatpak permissions), right? After installation of a Flatpak app, you can go to the Flatseal settings and make sure to disable access if the application enabled anything you don't like. I do not think there is an automatic way to force a specific setting for all applications. You have to deal with this per application. But I can be wrong here.

[-] [email protected] 1 points 6 hours ago

I'm asking global override vs application manifest (not application override). So the app asks for access to home/some-dir but I have a global override that blocks access to home entirely.

[-] [email protected] 4 points 11 hours ago

home/some-dir takes precedence.

More specific rules overrule general rules.

[-] [email protected] 3 points 10 hours ago

So I need to go look at what filesystem each app is requesting and manually disable that on top of disabling home access entirely? What's the point of being able to do filesystem=!home in the global config?

this post was submitted on 23 Sep 2024

17 points (94.7% liked)

Linux

47381 readers

673 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
No misinformation
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago

MODERATORS

[email protected]