flatpak portal example on github

[Alexander Larsson]

On Tue, Nov 26, 2019 at 8:29 PM Winnie Poon <winniepoon_home at hotmail.com>
wrote:

> Hi all,
>
> that would be sad news 🙁  I remember a while ago when I asked in this
> mailing list about usb drive access, a few developers including Alex
> suggested the device portal, that's why I looked into that, but now it
> seems like --device=all is the ONLY option?
>
> So really my approach of using file chooser to grant permission to the
> right file e.g. /dev/bus/usb/001/010 would not go anywhere?  like even
> after if i can somehow solve the root owner issue?
>
> I'm really hoping to have a better solution than using --device=all. 🙁
>

Yeah, this is a bit unfortunate. However, /dev access is something that is
set up at sandbox setup time (i.e. app startup) and thus it has to be
static. I.e. we can't change these after the fact, and that would be needed
for usb which is highly dynamic.

The file chooser portal works by using a fuse filesystem that protects
access to the files, but we can't use fuse for something like a device
node, so this can't be done.

We don't have any generic portal that works for all usb devices, we're
instead trying to abstract thing out on a higher per-device-type level.
I.e. webcams via pipewire, joysticks via wayland, etc.

However, for block devices we can't just pass things back as there are no
way to do this safely, and in practice it will not work anyway because all
block devices are typically only readable by root.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/flatpak/attachments/20191128/7ac6a28c/attachment.html>