Is full filesystem access really necessary to Gradio?
I installed Gradio from Flathub thinking that it might be more suitable for my needs than VLC (which it is) and was surprised by sandboxing allowing file access to host.
file access: host, xdg-run/dconf, ~/.config/dconf:ro
Expected Behavior
Gradio should have access only to the files and directories it actually needs.
Current Behavior
The manifest line at https://github.com/haecker-felix/Gradio/blob/9ab2f33a3c3fbc0e7682d733759c8272f08d754f/de.haeckerfelix.gradio.json#L17 grants very wide access to the filesystem:
--filesystem=host - access normal files on the host, not including host os or system internals described below
As a general rule, Filesystem access should be limited as much as possible.
From Flatpak sandbox permissions
Steps to Reproduce
flatpak install flathub de.haeckerfelix.gradio
- flatpak shows permissions including file access to host
Detailed Description
As I understand it, Gradio is just for searching and listening to online radios, so I propose removing the --filesystem=host
line (https://github.com/haecker-felix/Gradio/blob/9ab2f33a3c3fbc0e7682d733759c8272f08d754f/de.haeckerfelix.gradio.json#L17).
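As an added example (not part of this report or of the Gradio project), the following shell function audits the `filesystems=` line of a Flatpak app's permissions and flags grants that expose the whole host, which is how a user or packager can check a manifest like the one above before or after installation. It assumes the keyfile layout that `flatpak info --show-permissions APP` prints, and uses a constructed sample so it runs offline.

```shell
#!/bin/sh
# Added example: flag overly broad Flatpak filesystem grants.
# Constructed sample in the layout of `flatpak info --show-permissions APP`
# (assumption: a [Context] group with a semicolon-separated filesystems= key).
SAMPLE_METADATA='[Context]
shared=network;ipc;
sockets=x11;wayland;pulseaudio;
filesystems=host;xdg-run/dconf;~/.config/dconf:ro;
'

# is_broad_filesystem ENTRY
# Returns 0 when ENTRY (with any :ro/:rw/:create suffix) grants access to the
# whole host or the whole home directory; these are the grants worth reviewing.
is_broad_filesystem() {
    base=${1%%:*}               # drop the access-mode suffix, e.g. host:ro -> host
    case "$base" in
        host|host-os|host-etc|home|'~') return 0 ;;   # quoted so ~ is not expanded
        *) return 1 ;;
    esac
}

# broad_filesystem_grants < METADATA
# Reads metadata on stdin and prints each broad filesystem entry, one per line.
# Empty output means no whole-host or whole-home grant was found.
broad_filesystem_grants() {
    sed -n 's/^filesystems=//p' | tr ';' '\n' | while IFS= read -r entry; do
        [ -n "$entry" ] || continue
        if is_broad_filesystem "$entry"; then
            printf '%s\n' "$entry"
        fi
    done
}

# Stand-alone run against the constructed sample: prints "host".
printf '%s\n' "$SAMPLE_METADATA" | broad_filesystem_grants

# On a real system the same check reads live data, and a user who disagrees
# with a grant can narrow it locally without repackaging, e.g.:
#   flatpak info --show-permissions de.haeckerfelix.gradio | broad_filesystem_grants
#   flatpak override --user --nofilesystem=host de.haeckerfelix.gradio
```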