-
-
Notifications
You must be signed in to change notification settings - Fork 951
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Where does the Flatpak store its configs? #3297
Comments
This issue belongs to https://github.com/flathub/org.cryptomator.Cryptomator/issues. You are right: Cryptomator does not store its config inside the Flatpak container: Flatpak recommends doing so: "Retaining and sharing configuration with non-Flatpak installations is to be avoided.", but does not enforce that. Nevertheless, my personal opinion is, that it's better as Cryptomator does it, as this offers the opportunity to use different Cryptomator clients. You e.g. create a vault with the Flatpak app and because the configuration is available, you can continue using it with the AppImage or a version installed from a repository. |
I follow this argument. Especially, since if flatpak is affected by a bug, the user can still switch to the AppImage without setting up the vaults again. |
okay, thanks for pointing me to the right file. I would create a PR defining exactly those directories as permissions, this would allow Cryptomator to be easily restricted in terms of storage access, if a user knows where their vault is.
There is no permission to just create a directory, which means at least this access is completely unrestricted. https://docs.flatpak.org/en/latest/sandbox-permissions-reference.html#filesystem-permissions Would still be cool to add those last two directories as flatpak permissions, maybe even the first two. Then a user could first create those directories (by launching the app) and after that restrict the permission again, so the app will not have access to other apps configs. I dont really see the importance of your argumentation, because users shouldnt need to switch to an Appimage or whatever, as the Flatpak works well.
This is also interesting and may be used instead. This sounds like the appcode can stay untouched and those directories could be emulated. If the flatpak should break, users could still extract these configs from |
Please agree to the following
Summary
The Cryptomator Flatpak doesn't seem to store its configs inside the Flatpak Container
Motivation
Flatpaks should store their data in
~/.var/app/org.cryptomator.Cryptomator
instead of some random directory.I tried to restrict Cryptomators filesystem Access, but it doesnt save the passwords and locations in KWallet.
Considered Alternatives
Keeping the filesystem access completely unrestricted, not an option.
Anything else?
using Fedora 39 with KDE Plasma
The text was updated successfully, but these errors were encountered: