|
|
|
|
|
|
by amckinlay
3085 days ago
|
|
|
Pretty extraordinary that a user's most important files (their documents and whatever else is in their home folder) are accessible to any app at any time. Why are we still using this outdated security model? On Windows, I could download an .exe and it could upload the entire contents of my Dropbox without even prompting for elevation or anything. Kinda scary when you think about it. |
|
|
Because it's convenient. The alternative would be something like flatpak's portals, which funnel everything through a few standardized dialogs; but how would you for instance use them to implement a media player application which scans for mp3 files, reads their tags, and presents them on a list? A "select a directory" portal dialog either would not allow for a recursive scan, or risk a non-technical user selecting their home directory, and either way would be a strange interruption in the workflow. (I understand, however, that Android has done precisely that for removable SD cards...)