undefined | Better HN

0 pointsrockdoe4y ago0 comments

Unix applications run as a user, so it's not like they have that permission. Looking at that profile, it restricts write access to the home directory to only the Firefox profile and some config files.

I guess that makes sense, but you'd have to be aware of it when uploading and downloading stuff (it would only work from a specific designated folder).

0 comments

3 comments · 1 top-level

kaba04y ago· 2 in thread

And where are all the valuable files stored like family pictures, other browsers’ cache, ssh keys etc.? In the same user’s home dir, so in practice most desktop apps do have uncontrolled access to everything on the harddrive as per the now quite old xkcd comic ( https://xkcd.com/1200/ ).

Ideally, a “shadow” Download folder would be accessible to the process, and its content would be mirrored one-way into the real Downloads folder. Upload should display a file chooser dialog which runs in an entirely different process, and the chosen files should be in effect copied to the process’s file handles list.

yjftsjthsd-h4y ago

AIUI this is basically how flatpak does it; the file picker is called a "portal" and is indeed how you pass in files that the program couldn't reach by default.

kaba04y ago

And that is a welcome change. What I dislike about the project is that it want to be a packaging solution as well, and it is simply not a good one at that compared to the new generation one, which is Nix. Linux really shouldn’t copy Mac and Windows on everything.

j / k navigate · click thread line to collapse