Comment by ptx
6 hours ago
So websites can now nag users to allow access to the root of their local disk and then read all their files and settings, all their SSH keys and other passwords?
From what I gather from the docs [1], this API gives you a FileSystemDirectoryHandle object, and then you just call getDirectoryHandle() on that to recursively read the the entire filesystem. The spec [2] has some vague suggestions about blacklisting certain particularly sensitive files, which doesn't seem reassuring.
[1] https://developer.chrome.com/docs/capabilities/web-apis/file...
[2] https://wicg.github.io/file-system-access/#privacy-wide-acce...
> So websites can now nag users to allow access to the root of their local disk
No, Chrome doesn't allow this.
Here's a simple demo: https://output.jsbin.com/kekekac/quiet - note that you can't select root, Downloads etc.
In this example
https://web.dev/patterns/files/open-a-directory
I can select Downloads
I could select /boot and ~/.cache. Genius. Given how smart are many Internet users this will definitely not cause any misuse.
1 reply →
Ah yes, totally secure. I’m sure there will be no unforeseen problems or bypasses.
It's been in Chrome for 6 years and I'm not aware of any problems it's caused.
7 replies →
Root directory would be on that blacklist for sure.
Those "vague suggestions" actually seem to include some pretty specific examples.
> A user’s entire "home" directory. Individual files and directories inside the home directory should still be allowed, but user agents should not generally let users give blanket access to the entire directory.
That's not at all specific. What individual files and directories?
All of them, unless they're also on the list of examples to exclude (like the Downloads folder).
I think the point is that as long as the user is sharing things on purpose and not by accident, it should be allowed. Selecting the root of the home directory would probably share a lot of things the user didn't really intend to share (because a lot of apps just dump random config files and stuff in there), but if they specifically select a subfolder they probably have a good idea of what that folder contains.
Is the camera roll excluded? I bet I am not the only one who has a passport picture in there. I don’t know about other people’s camera rolls, but I bet it is occasionally more saucy than mine.
(Sorry for not testing. Chrome-hater)
Let's not forget that, at the same time, Google forces every developer of any Android app to register in the Google database using an ID scan, otherwise no one can install it.
All for the sake of "dear user safety".