When installing the Spotify app, flatpak says “proprietary” under permissions / Network Tags.
What does that mean? The docs don’t specify.
Are there plans in the works to make permissions more understandable? In an ideal world, I’d even love to be able to choose restrictions on the default permissions for an app before it installs. Many of the apps have unnecessarily wide permissions, like access to the entire home folder. For an app like Whatsapp, that’s enough to make me choose to run that app in the browser rather than as a flatpak app.
You can restrict permissions when running the app via console or graphically using an app like Flatseal.
If you think the app does not need such permissions to run, you can file an issue with that application asking to lower the permissions.
With respect to Spotify permissions, I think you’re misreading the output:
ipc network pulseaudio x11 dri file access  dbus access  bus ownership  tags 
 xdg-music:ro, xdg-pictures:ro
 org.freedesktop.Notifications, org.gnome.SessionManager, org.gnome.SettingsDaemon.MediaKeys
Propietary is just a tag telling you it’s a propietary app. It also shows that has network access and readonly access to Music and Pictures user directories.
My bad on the tags. Thanks for the correction.
Re flatseal, would that be something that could be integrated into flatpak and supported as a first-class tool? It’d be good if the tool that people use to change permission levels for all their apps (flatseal) weren’t itself something that required them to trust an app by a random developer. The permissions that flatseal has look pretty minimal, but it looks like the main malicious thing it could do would be to allow all permissions on all your installed apps.