Sandboxing stopped: Flathub apps have access to all folders and files outside their sandbox. What could cause this challenge?
@CodedOre Your information about the Debian file manager helped to narrow down the source of the challenge. Thanks again for that.
We were able to reproduce this challenge 100% of the time, on different devices, with multiple Flatpak apps which are not using the Debian file manager. Meaning those apps can directly access files outside their sandbox.
Per the app maintainers’ preference, we are contacting them privately about that potential security vulnerability for their consideration and their decision. We are waiting for their reply.
Below is the same as above. But with details if you’re interested in those.
For reporting such a potential security vulnerability, for stronger security, maintainers usually prefer to be informed privately, so that, if appropriate, they have an opportunity to adapt their security before the vulnerability is public. First, we’re trying this. Then, we will wait for their replies. Next, if appropriate, the maintainer might publish either all or part of their private ticket.
This challenge can only be reproduced when combining those 4 parts:
- Flatpak engine
- Runtime(s)
- Default permissions of the Flatpak app
- Flatpak app
Using the same Flatpak apps, the challenge can’t be reproduced when testing only one part. This is normal, because most Flatpak apps combine those 4 parts up above.
Your other suggestion about flatpak run --command=bash org.freedesktop.Platform//25.08 was useful. Thanks again for that. Our test result is that both the KDE runtime part and the Freedesktop runtime part, when used alone, successfully blocked access to folders and files outside their own sandbox. Per above, all 4 parts are needed to reproduce this challenge.
About the Debian file manager: I learned something new. My updated understanding is that if a Flatpak app uses the Debian file manager to access folders or files, then the permissions are controlled by the file manager, not by Flatpak. In other words, the file manager overrides and cancels the Flatpak permissions.
In my personal experience, with Debian 12, for the past years, the Debian file manager somehow was not able to override and cancel the Flatpak permissions. This started a few weeks ago. According to XDG contributors, this is normal because the XDG packages, which power part of the Debian file manager, were not yet stable enough to be able to override Flatpak permissions. One of the recent XDG updates fixed this.
So the above rules out the Debian file manager as the cause of the challenge.
While at the same time, this rules in the combined 4 parts listed above as a potential cause of the challenge.
In other words, we made some progress.
Also, in your original post you did say you have set a filesystem permission for the application, for the documents folder.
Yes and no. I hope the following clarifies, per my original post:
- Yes because the Flatpak apps are configured to ALLOW them to access folders and files WITHIN their sandbox.
- No because the Flatpak apps are configured to NOT allow them to access folders and files OUTSIDE their sandbox.
The challenge is with the apps’ access to denied folders and files located outside their sandbox.
Anyhow, as you know, this challenge can also be reproduced with Flatpak apps that have no filesystem permission, including, but not limited to, not allowing access to the Documents folder.
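Added example, not part of the original post or of Flatpak itself: a small POSIX sh helper that audits which host paths a Flatpak app is actually granted. It parses the `filesystems=` lines from the text that `flatpak info --show-permissions APP` and `flatpak override --show APP` print (the sample metadata below is constructed, with a second `filesystems=` line standing in for an override layered on top), flags the broad grants (host, host-os, host-etc, home) that make "outside the sandbox" reachable no matter what narrower xdg-* entries say, lists the writable entries, and offers an optional live probe in the spirit of the `flatpak run --command=...` test from this thread. Negated entries (`!path`) are listed but not applied; a full merge would process them in order.

```shell
#!/bin/sh
# Added example (not from the original post): audit a Flatpak app's
# filesystem grants from its metadata/override text. Assumes POSIX sh.

# Print every entry from all `filesystems=` lines in the given text,
# one per line (entries are ';'-separated in Flatpak metadata).
fs_entries() {
    printf '%s\n' "$1" | sed -n 's/^filesystems=//p' | tr ';' '\n' | sed '/^$/d'
}

# Count the entries with a loop (avoids `wc -l` whitespace quirks).
count_fs_entries() {
    n=0
    for e in $(fs_entries "$1"); do n=$((n + 1)); done
    echo "$n"
}

# Return 0 when an entry grants the whole host filesystem, the host OS
# or /etc, or the full home directory (with or without a :ro/:rw suffix).
# Negated entries such as "!home" do not match and are not applied here.
has_broad_fs_grant() {
    for e in $(fs_entries "$1"); do
        case "${e%%:*}" in
            host|host-os|host-etc|home) return 0 ;;
        esac
    done
    return 1
}

# Print the entries that are writable (everything without a ":ro" suffix).
rw_fs_entries() {
    for e in $(fs_entries "$1"); do
        case "$e" in *:ro) ;; *) echo "$e" ;; esac
    done
}

# Optional live check, only when flatpak is installed: from inside the
# app's sandbox, test whether the host path in $2 is readable.
# $1 = app id (hypothetical placeholder), $2 = host path to probe.
probe_from_sandbox() {
    command -v flatpak >/dev/null 2>&1 || { echo "flatpak not installed"; return 2; }
    flatpak run --command=sh "$1" -c "test -r \"$2\""
}

# Constructed sample in the format `flatpak info --show-permissions` prints.
# The second filesystems= line stands in for an override added on top.
SAMPLE_META='[Context]
shared=network;ipc;
sockets=x11;wayland;
filesystems=xdg-documents;xdg-download:ro;
filesystems=home;
'

if has_broad_fs_grant "$SAMPLE_META"; then
    echo "broad grant present: $(fs_entries "$SAMPLE_META" | tr '\n' ' ')"
    echo "writable entries: $(rw_fs_entries "$SAMPLE_META" | tr '\n' ' ')"
fi
```

To audit a real install, feed the concatenated output of `flatpak info --show-permissions APP`, `flatpak override --show` (global) and `flatpak override --show APP` into these functions, since an override can widen what the app's own metadata declares; if nothing broad is granted and the probe still reads a denied path, that points back at the runtime/app combination rather than at the declared permissions.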