Full access to `.config`

Question

Full access to `.config`

dluciv opened this issue 5 years ago · 5 comments

Zoom stores its config right inside $XDG_CONFIG_HOME. Right now, it is reflected in wrapper script.

As there were many claims on privacy ragarding Zoom, it might be better to have an option to lock it just within some subdirectory. It will not pick up real config file, but it will also lose access to the whole .config, which, I guess, is desired by many users.

Answer 1 · 2020-04-08T09:26:40.000Z

It should be possible. We need to check what files is created by Zoom in the .config and add some constraint on the mount argument.
I don't have the time to test but Zoom may use a sub-directory like .config/zoom.

Answer 2 · 2020-04-14T00:16:37.000Z

It doesn't appear to use a subdirectory in ~/.config but rather ~/.config/zoomus.conf. Single files can be bind-mounted in docker with the same -v option that's used for directories

Edit: I take that back... It also created a directory ~/.config/Unknown Organization on my machine, with only a single file named zoom.conf. It's... possible that Zoom might create more directories under ~/.config for separate organizations. I can't test this since I don't belong to any Zoom organization though.

Answer 3 · 2020-04-14T05:16:49.000Z

Unknown Organization... Nice... I increasingly believe Zoom is a malware %)))

Answer 4 · 2020-04-14T08:30:46.000Z

Maybe ~/.config/zoomus.conf is the only file that need to be persistent?
Here something that may be interesting: https://github.com/detrout/apparmor-det/blob/master/opt.zoom.ZoomLauncher#L110-L142

Answer 5 · 2020-05-25T18:12:47.000Z

Use export ZOOM_HOME=${HOME}/zoomus to restrict Zoom access.