
Posted by steveharrison 1 day ago

window.showDirectoryPicker opens up a whole new world (steveharrison.dev)
112 points | 109 comments | page 3
qwertytyyuu 1 day ago
Read, sure, already can do that with file upload. Write sounds like a disaster waiting to happen.
functionmouse 1 day ago
everything is Chrome in the future
AlienRobot 1 day ago
I wish we had this in the operating system. It would solve an immense number of risks such as data deletion from bugs and even ransomware.
jeroenhd 1 day ago
Which operating system do you mean? Flatpak has this already, Android enforces this kind of API for shared files, Windows UWP has pretty much the exact same API (https://learn.microsoft.com/en-us/uwp/api/windows.storage.pi...).

App developers will often choose not to sandbox their applications because it's a lot easier (and sometimes faster) to do all file management yourself, but the APIs are there and ready to be used.

AlienRobot 1 day ago
Flatpak is probably the worst way to "have" this possible. It's completely opaque to both app and user. If you ever tried to run an .exe through flatpak'd bottles, you'll run into an issue where .dll's aren't found because you didn't install flatseal first to configure permissions. That's not operating-system level integration. That is actually very poor design that a user requires a separate app (flatseal) to configure how the sandbox works.

I was thinking about desktop OS's, actually.

You don't need to use that Windows API. You can just access any file you want. There is no reason a music player, for example, needs to access ~/Pictures. An arbitrary program requiring access to all your files is a huge red flag, but it's a red flag that users aren't allowed to see. Proper filesystem permissions would fix that.

asdfsa32 1 day ago
macOS has this and what happens is that you get into the habit of just clicking through it. It won't help with ransomware, only backups would.
AlienRobot 1 day ago
That just means it's poorly designed. There has to be a way to design this in such a way that it works.
znpy 1 day ago
> Chrome introduced a new API, window.showDirectoryPicker() that allows the user to grant access to a directory on their computer and allow a website to read/write everything inside.

I mean, what could go wrong?

It's not like a user is tricked into uploading a file from a folder (let's say, the main "Documents" folder) and some malicious website steals all the files over there.

bigrocketapps 1 day ago
If you tried this out in Linux, for example, the system would block you from selecting folders that contain files that are flagged as dangerous or "system files". I'm assuming this was implemented across all OSes.
blharr 1 day ago
That does not sound at all reassuring, that the only safeguard is the system blocking access and that the API has no safeguard.

It's also easily possible to have sensitive files misplaced, especially for a general non-technical user that would be the one falling for a browser hijacking attack.

bigrocketapps 1 day ago
I have not checked the source code to tell you if the system is the one blocking access or the browser-level API itself. I'm guessing it's the browser. The only reason I mentioned Linux is that's where I tested it and I'm sure there are differences across OSes.

My biggest concern here is the write permission.

znpy 1 day ago
I give zero F about whatever is in my /usr, /var/lib and /opt folders.

what are websites gonna steal, debian binaries and libraries?

all my important stuff is in my home directory, which is owned (read+write) by me, the same user running the browser.
