Replies: 1 comment 1 reply
-
|
If an unsandboxed app has other means to get access to something other than with a portal, then showing a permission prompt might be misleading if it happens the app is malicious. This whatever you trust the app or not (trusting yourself in an app doesn’t mean this app is trustable). Only knowing an app tries to access a resource and blocking this access as soon as possible would be a solution when not using a portal for an app that is using portals. For unidentified apps, we cannot say which app it is in a prompt, or the minimum is that the prompt is attached to the app window (if it is even possible to have). |
Beta Was this translation helpful? Give feedback.
-
|
Additionally, if you trust the app, then why not trusting how it behaves (in case it is allowed to access the target object by default)? |
Beta Was this translation helpful? Give feedback.
-
Somewhat related to #1600, and sparked by comment #1600 (comment) and discussion at https://gitlab.gnome.org/GNOME/gnome-control-center/-/merge_requests/3029#note_2328054, it is clear that we need to discuss and better define how to handle permissions for unsandboxed apps.
Should unsandboxed apps request permission?
Unsandboxed apps may use the portal, or may use whatever other API to access sensitive content. Does it make sense to make unsandboxed apps request permission when using the portal then?
If we assume unsandboxed apps to be unsafe, then we may as well avoid making them asking for permission because they may use other APIs that are not protected behind permission control to access the same resource.
On the other hand, when I install an unsandboxed app I choose to trust it, so permission control actually helps me control the app's behaviour.
Furthermore, requests to the portal may come from unidentified apps or any background daemon; should those be treated differently? Should requests coming from unsandboxed unidentified programs always prompt? Never prompt? Should there be a global permission switch which encompasses "all other programs"?
I don't have the answers. Please discuss.
Beta Was this translation helpful? Give feedback.
All reactions