Comments (3)
purejava
commented on September 23, 2024
1
This issue belongs to https://github.com/flathub/org.cryptomator.Cryptomator/issues.
You are right: Cryptomator does not store its config inside the Flatpak container:
https://github.com/flathub/org.cryptomator.Cryptomator/blob/97a93b068f7f7c20c2bbef50930e1fd058405eca/org.cryptomator.Cryptomator.yaml#L126
Flatpak recommends doing so: "Retaining and sharing configuration with non-Flatpak installations is to be avoided.", but does not enforce that.
Nevertheless, my personal opinion is, that it's better as Cryptomator does it, as this offers the opportunity to use different Cryptomator clients. You e.g. create a vault with the Flatpak app and because the configuration is available, you can continue using it with the AppImage or a version installed from a repository.
from cryptomator.
infeo
commented on September 23, 2024
Nevertheless, my personal opinion is, that it's better as Cryptomator does it, as this offers the opportunity to use different Cryptomator clients. You e.g. create a vault with the Flatpak app and because the configuration is available, you can continue using it with the AppImage or a version installed from a repository.
I follow this argument. Especially, since if flatpak is affected by a bug, the user can still switch to the AppImage without setting up the vaults again.
from cryptomator.
firefoxlover
commented on September 23, 2024
okay, thanks for pointing me to the right file. I would create a PR defining exactly those directories as permissions, this would allow Cryptomator to be easily restricted in terms of storage access, if a user knows where their vault is.
xdg-home/.config/Cryptomator
xdg-home/.local/share/Cryptomator #not sure how to reference home here
# problem is those directories need to be created, requiring access to the entire directory and all other apps directories
xdg-config
xdg-share
There is no permission to just create a directory, which means at least this access is completely unrestricted.
https://docs.flatpak.org/en/latest/sandbox-permissions-reference.html#filesystem-permissions
Would still be cool to add those last two directories as flatpak permissions, maybe even the first two.
Then a user could first create those directories (by launching the app) and after that restrict the permission again, so the app will not have access to other apps configs.
I dont really see the importance of your argumentation, because users shouldnt need to switch to an Appimage or whatever, as the Flatpak works well.
The --persist=path option can be used to map paths from the userβs home directory into the sandbox filesystem. This makes it possible to avoid configuring access to the entire home directory, and can be useful for applications that hardcode file paths in ~/.
This is also interesting and may be used instead. This sounds like the appcode can stay untouched and those directories could be emulated.
If the flatpak should break, users could still extract these configs from ~/.var/app/org.cryptomator.Cryptomator/.
from cryptomator.
Related Issues (20)
- Unnecessary CPU usage on desktop app HOT 1
- MPC from K-lite codex freezes on any update after 11.1.0 HOT 2
- Unable to clear file contents HOT 3
- Cryptomator shows update available to unsupported version HOT 3
- PPA - minor error HOT 3
- "Launch cryptomator on system start" doesn't work on macOS HOT 7
- Configure Proxy and Root CA store in Cryptomator settings and provide defaults for shared devices
- Dokany (1.5) volume type incompatibility with obsidian / excalidraw windows application HOT 1
- Cryptomator crashes with error code 6HCL:2GTN:615N
- UI not responding on Ubuntu 24.04 or PopOs 22.04 - NVIDIA and regular installs HOT 1
- Option to disable the repeated pop-up asking to enable automatic update checks HOT 1
- Show vault size in vault statistics
- [macOS] Replace deprecated `kLSSharedFileListSessionLoginItems` HOT 3
- Application does not start: $ in APPDATA variable
- Cryptomator does not open vaults anymore HOT 1
- Force Lock not Forceful Enough
- Add XChacha20 poly1305 HOT 2
- Locking vault results in cryptomator hanging HOT 4
- build.sh for mac dmg fails with cannot resolve dependencies with ${javafx.platform} HOT 3
- CI: Building arm64 DMG artifact fails HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cryptomator.