Permission issue with attachments?

[hpk42]

Seems some folks have issues with not being able to attach files from the host system.

https://twitter.com/mjjzf/status/1107620941515902977

[muelli]

yes. That's another bucket of sand that Electron apps throw into your apps.
It doesn't use a native file picker widget.

We can relax the security of the sandbox and allow access to files. Telegram, for example, allows xdg-download. Signal allows the home directory.
We could do something like that or give full (read) access to the host, if you want.

There seems to be a patch here and I think it'd be good to address this issue by getting that patch ready rather than working around the symptoms by relaxing the sandbox.

[muelli]

FTR: You can change the permissions yourself, if you feel so inclined, with something like
flatpak --user override --filesystem=home:rw chat.delta.desktop

[flub]

I'd vote for doing the same as signal here. Does dc-desktop also need to be able to write files? Maybe something like --filesystem=home:ro --filesystem=xdg-download:rw would be sane?

[Simon-Laux]

Does dc-desktop also need to be able to write files?

When you drag out files to save them or when you save them over the download button, it needs to write files.

[flub]

So you think restricting writing to the xdg-download dir is reasonable? Or would you rather do exactly what signal does and make $HOMO read-write instead of read-only? It's probably more intuitive for all of $HOME to be read-write as the other one is not really discoverable without UI help (and that probably won't happen as this is flatpak-specific)