Misleading wording for ":create" filesystem access

v1993 · November 13, 2023, 10:26am

Using MEGAsync as an example, it has a few directories listed as “Can create files in the directory”; those are annotated as :create in the manifest. However, this wording is misleading: the actual meaning of :create access, quoting Sandbox Permissions Reference, is

read/write access, and create the directory if it doesn’t exist

Current wording on flathub implies that application will have write-only access to the directory; this may make users think that application can’t actually read files stored in there. This can lead both to users looking to manually switch to read/write access if they want application to be able to read those files and to users believing that their data is more secure (i.e. is not readable by the app in question) than it actually is.

I suggest to change wording to match read/write access more closely:

Can read and write all data in %s (will be created if it does not exist)

Erick555 · November 13, 2023, 2:07pm

I don’t understand - the description says as you quoted read/write so what makes you think it’s write only?

v1993 · November 13, 2023, 2:21pm

That’s the description in flatpak docs for developers, which many end users probably won’t read. This is what flathub shows:

Screenshot_20231113_171932

No mention of read access in here.

razzeee · November 15, 2023, 4:01pm

You’re right, I think I wanted to be smart and thought gnome-software used the wrong string there (they just say it’s read/write like normal)

v1993 · November 16, 2023, 8:26am

Confirmed as resolved; now the generic “Can read and write all data in the directory” message is used.