|
|
|
|
|
|
by StewardMcOy
634 days ago
|
|
|
iggldiggl makes some good points about APIs not being flexible enough, but I also have to ask why go through the complexities of extra APIs? If I'm installing an editor and using it to open my files, I already trust it implicitly with all of my data. That means I also trust it to be reasonably free of RCEs that could modify or exfiltrate my data. I could see your point if this was some fly-by-night web app accessing Google documents. But this is a native app I'm running on my phone or computer. I may have legitimate reasons to access those photos, to embed them into a document. |
|
|
I don't think this is the case for most people in this scenario - at least in a general sense.
For a typical desktop editor sure, but for a mobile editor that goes through Google Drive I wouldn't expect it to have any access to any file in my Drive. And if it did, this could be trivially be used for many horrible things. Meaning, the "type" of data stored in Google Drive versus someone's Documents folder is very different.