[gnome-books/wip/hadess/gnome-books: 4/5] flatpak: Restrict files access
- From: Bastien Nocera <hadess src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [gnome-books/wip/hadess/gnome-books: 4/5] flatpak: Restrict files access
- Date: Fri, 25 Jan 2019 12:52:30 +0000 (UTC)
commit 59aa4e3155b3c3cde084209930e10f10ca8d3300
Author: Bastien Nocera <hadess hadess net>
Date: Fri Jan 25 09:43:47 2019 +0100
flatpak: Restrict files access
The nightly flatpak used to have access to "host". Given that we still
rely on tracker to index the books, best restrict the files access to
directories in the local home.
flatpak/org.gnome.Books.json | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
---
diff --git a/flatpak/org.gnome.Books.json b/flatpak/org.gnome.Books.json
index 482af8ec..818fe4cf 100644
--- a/flatpak/org.gnome.Books.json
+++ b/flatpak/org.gnome.Books.json
@@ -12,8 +12,7 @@
/* Wayland access */
"--socket=wayland",
/* Read-only access to users documents */
- /* Books can be outside xdg-dirs */
- "--filesystem=host:ro",
+ "--filesystem=xdg-documents:ro", "--filesystem=xdg-download:ro",
/* Needs to talk to the network: */
"--share=network",
/* Tracker access */
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]