From d9e0bb15f69abd7ff968141b4c31d7c3c837eff0 Mon Sep 17 00:00:00 2001
From: Robin Opletal <49439044+fourstepper@users.noreply.github.com>
Date: Sun, 3 Jan 2021 13:06:13 +0100
Subject: [PATCH] Reduce file access, add StatusNotifierWatcher for KDE

Closes https://github.com/flathub/com.mattermost.Desktop/issues/19 , improves security.

Possibility of closing https://github.com/flathub/com.mattermost.Desktop/issues/13, needs testing
---
 com.mattermost.Desktop.json | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/com.mattermost.Desktop.json b/com.mattermost.Desktop.json
index ab85869..c60c053 100644
--- a/com.mattermost.Desktop.json
+++ b/com.mattermost.Desktop.json
@@ -13,9 +13,14 @@
         "--socket=pulseaudio",
         "--share=network",
         "--device=dri",
-        "--filesystem=home",
+        "--filesystem=xdg-documents:ro",
+        "--filesystem=xdg-pictures:ro",
+        "--filesystem=xdg-music:ro",
+        "--filesystem=xdg-videos:ro",
+        "--filesystem=xdg-download",
         "--talk-name=org.freedesktop.Notifications",
         "--talk-name=com.canonical.AppMenu.Registrar"
+        "--talk-name=org.kde.StatusNotifierWatcher",
     ],
     "modules": [
         {