External Publication
Visit Post

Permanently punching through Flatpak Sandbox (how do you get "dynamic" read/write access?)

Flathub Discourse [Unofficial] May 1, 2026
Source

Hi,

I am developing a mod manager app for Linux, developed with Python and GTK4.

I wanted my app to be available as a Flatpak, and seeing as the whole point is to sandbox the app, I want to try and do this as much as possible to reassure the user.

My app needs access to a few very specific paths which are defined in my finish-args like so:

  # Heroic
  - --filesystem=~/.config/heroic:ro # Standard
  - --filesystem=~/.var/app/com.heroicgameslauncher.hgl/config/heroic:ro # Flatpak
  # Steam
  - --filesystem=~/.local/share/Steam:ro # Standard
  - --filesystem=~/.var/app/com.valvesoftware.Steam:ro # Flatpak

These work just fine!

However, during the app’s first startup I also want the user to define two paths which are custom and can be set wherever they want.

After the user has selected those paths, I need read/write access to them.

To do this, I am using a standard Gtk.FileDialog which from what I understood is meant to punch through the flatpack sandbox, which it doesn’t do. Or at the very least not in the way I expected?

Here’s a snippet of what I currently do:

def on_select_downloads_folder_clicked(self, btn):
    dialog = Gtk.FileDialog(title=_("Select Mod Downloads Folder"))
    dialog.select_folder(self.win, None,  self.on_downloads_folder_selected_callback)

My problem here is twofold:

  1. This returns an internal flatpak sandboxed path, which is unuseable for me (run/user/1000/...) → this is my biggest problem
  2. This does not actually give me write or even read access to that path (at least it’s not visible when I check with Flatseal).
    • This I could potentially find a way to workaround by generating a command for the user to execute in their terminal that will give me read/write access to the path they have provided

After a bit more research I’ve come to understand that the file picker only temporarily punches through the portal to get access to a single file, and then the access is immediately lost or some such.

Then how am I supposed to do what I’m trying to?

am I forced to simply have - --filesystem=host ?

This seems to defeat the entire purpose of sandboxing…

Is there any way to just ask the user to confirm that I should have access to a specific path?

Thank you for any help.

Discussion in the ATmosphere

Loading comments...