Add more xdg-directories by default?

https://wiki.archlinux.org/title/XDG_user_directories#Creating_custom_directories

Really interesting article about default directories and non-default ones.

For flatpaks you can easily restrict their access using such referenced directories, but they seem incomplete by default.

Some ideas:

  • smb shares using gvfs or kiofuse
  • /run/media (to avoid host)

This is of course only applicable to static file permissions, but I don't see how every app adopts portals in under 5 years. Also, many workflows seem broken with portals.

Flatpak apps are already blocked from accessing other apps’ ~/.var/app directories, even with --filesystem=home.


This is true, but not a complete solution.

This very interesting issue shows how to do an easy privilege escalation when having home folder access.

Flatpak apps having home folder access can override their own permissions! This means they can do anything.

An override like this helps

cat > /var/lib/flatpak/overrides/global <<EOF
[Context]
filesystems=!home;!host;!host-etc;host-os:ro;xdg-desktop;xdg-documents;xdg-download;xdg-music;xdg-pictures;xdg-public-share;!xdg-templates;xdg-videos;home/SPACES;home/Backups;!home/Distrobox;home/Nextcloud;
EOF

This forbids some, allows some others by default. I am not sure if this is the correct way to do it, and some xdg-dirs are still missing.

Also, what about /run/media/user? I couldn't find any xdg-dir while that is the location that is used rootless with udisksctl, which I suppose is also some kind of standard.
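An added example, not code from the thread or from Flatpak itself: a small Python audit that parses the filesystems= line of an override file like the global one quoted above, reports which xdg-* user directories it grants, denies or leaves unmentioned, and flags a read-write grant of home or host, since that is what lets an app rewrite its own overrides. The sample override is constructed to mirror the one in the post; the xdg-* list and the warning rule are this example's assumptions.

```python
"""Audit the [Context] filesystems= entry of a Flatpak override file."""
import configparser

# The eight xdg-* user directories discussed in the thread (assumption: this is the set to audit).
XDG_DIRS = ["xdg-desktop", "xdg-documents", "xdg-download", "xdg-music",
            "xdg-pictures", "xdg-public-share", "xdg-templates", "xdg-videos"]

# Constructed sample mirroring the global override quoted above.
SAMPLE_OVERRIDE = """[Context]
filesystems=!home;!host;!host-etc;host-os:ro;xdg-desktop;xdg-documents;xdg-download;xdg-music;xdg-pictures;xdg-public-share;!xdg-templates;xdg-videos;home/SPACES;home/Backups;!home/Distrobox;home/Nextcloud;
"""


def parse_filesystems(text):
    """Return {path: (allowed, mode)} from the filesystems= value.

    Tokens are ';'-separated; a leading '!' denies the path and an optional
    ':ro' / ':rw' / ':create' suffix sets the mode (rw when absent).
    """
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(text)
    entries = {}
    for token in cp.get("Context", "filesystems", fallback="").split(";"):
        token = token.strip()
        if not token:
            continue  # trailing ';' leaves an empty token
        allowed = not token.startswith("!")
        path, _, mode = token.lstrip("!").partition(":")
        entries[path] = (allowed, mode or "rw")
    return entries


def audit(entries):
    """Classify the xdg-* dirs and flag grants that expose the whole home."""
    report = {"granted": [], "denied": [], "unmentioned": [], "warnings": []}
    for d in XDG_DIRS:
        if d not in entries:
            report["unmentioned"].append(d)
        elif entries[d][0]:
            report["granted"].append(d)
        else:
            report["denied"].append(d)
    # Writable home or host access lets an app edit its own override files,
    # which is the escalation the linked issue describes.
    for broad in ("home", "host"):
        allowed, mode = entries.get(broad, (False, ""))
        if allowed and mode != "ro":
            report["warnings"].append(f"{broad} is granted {mode}")
    return report


if __name__ == "__main__":
    print(audit(parse_filesystems(SAMPLE_OVERRIDE)))
```

Point it at the real file (for example the global override path used above, or one under ~/.local/share/flatpak/overrides/) by reading the file into parse_filesystems instead of SAMPLE_OVERRIDE.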