{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreih5bqp7yaphsn2pdojcpuelzcjjbeg7o5dyp63pwxzt2kwa2eq33u",
    "uri": "at://did:plc:yrn4rbgwenb6lfhhzjegbtnc/app.bsky.feed.post/3mhkbwua4uxr2"
  },
  "path": "/t/sandbox-filesystem-permissions-and-app/11871#post_1",
  "publishedAt": "2026-03-19T11:20:54.000Z",
  "site": "https://discourse.flathub.org",
  "textContent": "I’m the author and maintainer of a piece of software; the program is published on Flathub under the name “e2 SAT Editor”.\n\nI’m revisiting the sandbox permissions, the filesystem permissions, to see if it’s possible to narrow them. But I don’t know if it makes sense for the users…\nI’m undecided whether to narrow them or leave them as they are.\n\nA few years ago, there were limitations with XDG portals in my specific case. In my case, the files are satellite channel lists _(enigma2)_; the file format is essentially a directory with multiple files. At that time, XDG desktop portal opened multiple files from directories, but it didn’t save more than one file to a directory. The multiple files saved had strange names, i.e. _fileXdg01234567_, etc.\n**This problem has been solved**, but it took some time for recent versions of XDG desktop portal to be adopted by distros.\nFrom what I’ve seen on _Arch Linux_ with _xdg-desktop-portal_, it opens and saves everything; only direct file access is blocked. I’m not sure this mechanism works the same way everywhere, but I think it does.\n\nConcerning sandbox permissions, in my case, the permission is `--filesystem=host`, so no restrictions and a red alert on the Flathub page. If I narrow it to `--filesystem=home` (external devices, such as USB sticks, would be excluded), it’s the same: a red alert on the Flathub page, so it wouldn’t change too much.\nThe user can add and remove permissions anyway, for example with a tool like _Flatseal_, and this is very important.\n\nBut for narrower permissions, the XDG user directories, for example `xdg-documents` (yellow alert on the Flathub page): is it better to set _Documents_, _Downloads_, or _Desktop_? Which would be better in my case? How does the user perceive access to (his) _Documents_ or _Downloads_? Is it better or is it worse?\n\nWhat do you think? Any suggestions are appreciated.",
  "title": "Sandbox filesystem permissions and app"
}