New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
home directory exposed #65
Comments
Users of Zotero need access to directories where are located files that they want to attach to their Zotero items. For example: A user has a PDF file at Usual dirs to these use cases are I'm a bit afraid of setting very strict rules and make the average Joe suffer because he doesn't understand how to tweak sandbox. (There are critics about this Flatpak already being too much restrictive at Gnome Software reviews) Advanced users can set this using CLI or Flatseal. What do you think, @anarcat? |
... i would argue that "files downloaded directly at home" are so rare that I don't think it's worth considering them. really, the important bit is the zotero configuration directory, and that should be included in the defaults for sure... |
love it. a bit broader than what i would do personnally, but that's fine i guess. |
Adding a data point here: I like to set up automatic export of my library through the Better BibTeX plugin to a bib file in I finally made it here and found the workaround by following the link above to #70, but it was a confusing issue to get to the bottom of---it was not obvious that flatpak was the culprit, so I didn't see the relevant flathub blurb until after I had found the solution (I had never used flatpak before I started setting up this system). I can imagine similar issues for people who like to send attachments to a dropbox folder or similar using the Zotfile plugin. In general, people organize their files in many different ways and it seems excessively strict to restrict Zotero exports and imports to XDG directories only. |
This flatpak should do a better job at isolating the software from the rest of the system:
org.zotero.Zotero/org.zotero.Zotero.json
Lines 9 to 17 in 4dc4657
... the use of portals for documents, desktop and downloads is great, but why do we need access to the entire
$HOME
directory? (And arguably, do we really need access to the other directories as well?) I understand it might be necessary to access the zotero database (say in ~/Zotero?) but in that case, shouldn't we restrict to that directory only?It would be great to have instructions on how to secure this a little further, in any ways...
The text was updated successfully, but these errors were encountered: