Comment by ibash
8 months ago
> Obsidian plugins have full, unrestricted access to all files in the vault.
Unless something has changed, it's worse than that. Plugins have unrestricted access to any file on your machine.
When I brought this up in discord a while back they brushed it aside.
Having recently read through a handful of issues on their forums, they seem to brush aside a lot of things. It's a useful tool but the mod / dev team they have working with the community could use some training.
If you're using a flatpak, that's not actually the case. It would have very restricted access to the point where you even would have to explicitly give it access to user /home.
You're wrong. The obsidian flatpak ships by default with access to /home. https://github.com/flathub/md.obsidian.Obsidian/blob/5e594a4...
I „love” such sandboxing defaults. Apps like Docker Desktop also share the whole home by default [1], which is pretty interesting if a big selling point is to keep stuff separated. No idea why node_packages need to have access to my tax returns :). Of course you can change that, but I bet many users keep the default paths intact.
[1] https://docs.docker.com/desktop/settings-and-maintenance/set...
Interesting, I thought I had to turn that on for Obsidian!
The first time I started installing flatpaks I ran into a bit of permission / device isolation trouble and ever since then, I use flatseal after installing an app to make sure it actually has access to things.
I guess I misremembered in the case of Obsidian.
So if I run their software in a container they can't access my entire filesystem. I don't think that is a security feature.
It sounds like if I ever run obsidian I should be using flat seal too.
Er, what?
I'm not claiming it's a security feature of Obsidian, I'm saying it's a consequence of running a flatpak - and in this situation it could be advantageous for those interested.
What if you run little snitch and block any communications from obsidian to anything?
Or firejail. Or QubesOS using a dedicated VM. There are options, but it would still be nice if Obsidian had a more robust security model.
I have been using firejail for most of these kinds of applications, be it Obsidian, Discord, or the browser I am using. I definitely recommend people start using it.
Little snitch can block open(2)?
I treat LS as a privacy/anti-telemetry/anti-accident tool, not as anti malware.
Obviously it can detect malware if there’s a connection to some weird site, but it’s more like a bonus than a reliable test.
If you need to block FS access, then per app containers or VMs are the way to go. The container/VM sandboxes your files, and Little Snitch can then manage external connectivity (you might still want to allow connection to some legit domains—but maybe not github.com as that can be used to upload your data. I meant something like updates.someapp.com).
Very, very good point
I got lazy
Time to crank the paranoidmeter up again
ty
I believe they're saying it can open, it just can't send the data anywhere.
Seems a little excessive, but here we are.
Is this true on Mac? Usually I am notified when programs request access outside the normal sandboxed or temp folders. Not sure how that works in any detail though.
Ah I guess that's one reason some folks started running it in a docker container. I think Linux server recently released a container for it.
To be fair it also ships with the ability to install community plugins disabled.
To be fair, it’s no worse of a dumpsterfire than any other plug-in ecosystem.
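For the Flatpak defaults debated in the thread above, an added example (not code from any commenter, from Obsidian or from Flathub): a shell function that reads Flatpak permission metadata in keyfile format and lists the filesystem grants that expose the home directory or the host filesystem. The function name, the sample metadata and the `org.example.Notes` app ID are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example. Audits the [Context] section of Flatpak permission metadata.
# On a real system the input would come from:
#   flatpak info --show-permissions md.obsidian.Obsidian | broad_fs_grants
# and a broad grant can be dropped per user with:
#   flatpak override --user --nofilesystem=home md.obsidian.Obsidian

# Reads keyfile text on stdin; prints each filesystem grant that exposes
# the whole home directory or (parts of) the host filesystem.
# broad_fs_grants is a hypothetical helper name, not a Flatpak command.
broad_fs_grants() {
  awk '
    /^\[/ { in_ctx = ($0 == "[Context]"); next }   # track the current section
    in_ctx && /^filesystems=/ {
      sub(/^filesystems=/, "")
      n = split($0, entries, ";")
      for (i = 1; i <= n; i++) {
        e = entries[i]
        if (e == "" || e ~ /^!/) continue          # "!" entries revoke a grant
        base = e
        sub(/:(ro|rw|create)$/, "", base)          # strip the access-mode suffix
        if (base == "home" || base == "~" || base == "host" ||
            base == "host-os" || base == "host-etc")
          print e
      }
    }
  '
}

# Constructed sample metadata (not taken from any real package).
SAMPLE_METADATA='[Application]
name=org.example.Notes

[Context]
shared=network;ipc;
sockets=x11;wayland;
filesystems=home;xdg-documents:ro;!host;

[Session Bus Policy]
org.freedesktop.Notifications=talk
'

# Demonstration on the constructed sample: prints "home".
printf '%s' "$SAMPLE_METADATA" | broad_fs_grants
```

A read-only grant such as `host:ro` is still reported, since read access is enough for a plugin to collect files.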