[feature request] files/media/text transfer between profiles

robert22591

I got my two pixel devices last week specifically to install GOS and was very excited, despite the fact that you're using google's hardware(yeah, I read the whys and wherefores).
Sadly though, I was highly disappointed to find out there's no convenient way whatsoever to move files/media/text/clipboard (of course with permission etc) between profiles.
I'm not sure if it's planned in the near future, but the whole idea with profiles is compartmentalization(correct me if I'm wrong), and without proper way to communicate between the profiles is just unusable.
This is one of the main reasons I decided to switch
I do realize you have your own issues with limited staff, etc., but this is absolutely a must. Without it, the whole idea of using GOS is lost, because otherwise, installing and working with today's apps compromises the device.

SgtSurehand

robert22591 there are ways you can access files from multiple profiles like USB or online storage. I do not understand why you see profile separation as a disadvantage, that is the whole point of using them. Apps in different profiles don't see each other, files in different profiles don't use the same encryption so are not mutually accessible. This is a good thing, like having multiple devices in one.

fid02

If GrapheneOS were to include such a feature, I'd prefer it to be gated behind an opt-in toggle. I don't want to accidentally transfer files between secondary profiles, or to be able to view files from my other profiles from within the Owner profile. I use Private Space for situations where this is more acceptable to me.

robert22591 Without it, the whole idea of using GOS is lost, because otherwise, installing and working with today's apps compromises the device.

Perhaps your intention behind using GrapheneOS is now lost. There are certain features that I highly wish GrapheneOS would work on and include. But currently I find the total package of features – listed on grapheneos.org – to be more than appealing enough.

Not sure what is meant by "compromise". Usually that term is used when malware has infected a device. But you probably mean it in some other context.

argante

SgtSurehand

correct me if I'm wrong)

Yes, you are wrong. What you are describing is simply copying files. It seems to me that you want to have something like QubesOS but in GOS. In QubesOS you can copy files between VMs, but there you have a parent host and an application VM. GOS was never designed in this way. You expect implementation of a solution that will only weaken the security and privacy of GOS. Copying with permissions? How is this supposed to work? If an untrusted profile is compromised, will it be able to copy malicious files to other profiles? Is this what you want to achieve?

You were already told that you can achieve this in other ways: you can use some trusted USB drive, microSD, ProtonDrive etc.

btw. GOS gives you interesting possibilities, because you can run e.g. Signal on one profile, switch to another profile and if someone calls on this Signal, you will be able to answer the call from the second profile.

KleinesSinchen

Maybe the app "Inter Profile Sharing" is an option. It is available via Accrescent.
https://github.com/VentralDigital/InterProfileSharing

I've never used it myself and can't say if this is convenient and practical.

robert22591

KleinesSinchen
I’m aware of it, even though I didn’t test it myself. However, relying on a third party isn’t an option for some critical parts, such as intercommunication between profiles.
This needs to be done at the GOS level.

raccoondad

KleinesSinchen I've never used it myself and can't say if this is convenient and practical

I have, it works fine, but can be tedious. Hopefully someone creates a PR that fixes some of the shortcomings.

SgtSurehand

robert22591 intercommunication is not what they're designed for, more for lack thereof.

DeletedUser203

robert22591 This is not a matter of opinion, security by compartmentalization is a huge factor and if one can't use it accordingly it's a major issue.

This is a matter of opinion.. one seems to be on a crusade to break it,

other8026

robert22591 There's no reason to be so rude to another member of the community. I've removed your post. You joined a few hours ago. This isn't a good way to start interacting with the community or the project.

I'm not aware of any plans to add this functionality. One of the benefits of profiles is that they have different encryption keys. You can use a usb drive, cloud storage like Proton Drive or similar, or InterProfileSharing as KleinesSinchen suggested.

JollyRancher

From an ease of use perspective, it absolutely should be a thing.

Currently Interprofile Sharing (via Accrescent) is the best option.