Why is Dropbox access global?

I love infuse, but while I use dropbox for all my “stuff”, I simply don’t want to use it for infuse because of very intrusive grants infuse is asking, why?

Why does infuse need global edit on all my dropbox folders? Why the token cannot be following least privilege approach or at least give me the option “all folders for simplicity - default, apps/infuse folder only for maximum security”

As Dropbox own guide states " Always ask for the least amount permissions required by your applications. Requesting more scope and content access than required may result in end users not accepting your OAuth request" Dropbox OAuth Guide - Dropbox

1 Like

People use Dropbox in many different ways, so having access to all files allows Infuse to work for the greatest number of people.

Here’s an excerpt from the guide you linked.

Content Access

As you create your Dropbox application, you will also be prompted to select the scope of file access. Currently, these two options are:

  • App Folder: Your application will be able to take actions allowed by its scopes on data within its app folder only (in the /apps folder). This option is suitable for apps that export content or manage only their content.
  • Full Dropbox: Your application will be able to take actions allowed by its scopes on all data within the user’s Dropbox account. This permission is appropriate when your application needs to regularly access pre-existing content in the user’s account.

Since Infuse is most often accessing existing content, the Full Dropbox option seems to be appropriate here. Aside from that, we have set the permission scope required by Infuse to be as limited as possible.

Also, keep in mind the connection to Dropbox is done directly between your device and Dropbox. This info does not pass through any of our servers, and we have no way to access or see any files you have stored in Dropbox or on your device.

I really do understand the token scope and storage… but still you are basically asking to blindly trust that you are never ever going to do anything unexpected (not even possible bug) - your app has access to a token with full read/write access to all my dropbox folders (it does not matter if its in my cloud store, you have access to it indirectly via app you control)

what I am asking if there is a possibility to offer next to existing access scheme also more restricted grant to a single dropbox directory which would of course mean that I cannot freely browse and play anything from any dropbox folder, but I would have strong guarantee you cannot see/change my personal stuff

1 Like

Dropbox doesn’t currently support having multiple access levels for a single app (there is just one group of access settings to select from that apply to all users), but if they add this in the future we could certainly look into providing options that would be closer to what you’re looking for.

Yeah, I too would like to have some more restricted Dropbox access.

My issue is not that I’m too worried about unauthorized access from Firecore, but more about sharing with others.

I’d like to give my kids access to my Videos folder in Dropbox from their Infuse installations, but I don’t want them having access to my entire Dropbox folder.

Currently I just share direct links to individual files on request but it’s a bit of a hassle.

One workaround for this would be to create a favorite for the Dropbox folder you want your kids to access.

Once that is done, you can enable parental controls and add a PIN code to the main Dropbox share, or any other folders you don’t want them going into. This can be done by long-pressing on a Favorite or folder.

Having Parental Controls enabled also requires a PIN to access the Settings area, which isn’t a bad idea to have enabled for kids anyways.

Yes, thanks, that is a reasonable workaround for now.

2 Likes

When I was going to upload a file from drop box to infuse, this pops up;

“ Infuse would like to:

  • Edit content of your Dropbox files and folders, view content of your Dropbox files and folders, and view and edit information about your Dropbox files and folders

  • View basic information about your Dropbox account such as your username, email address and country”

Why would infuse need to gain access to all of my dropbox folders and files and, to then view and edit them ?

I’m sorry, but this is not happening and I would strongly suggest to any infuse + dropbox user to not allow anyone to have full access to your entire dropbox account, and for them ( whoever ) to do whatever they want to do with ones files and folders. I’m not saying they would tamper with the data, but it wouldn’t be the first company to say one thing but do another.

Giving infuse access to one dropbox folder should be enough, but letting them / anyone to have access to any and everything in dropbox and legally giving them the right to read, write and delete whatever they want is foolish.

For me personally, this could be ( previously I said this was the end but I know it wont be) the end of my infuse experience as I cannot support an app that wants full read/write access to absolutely everything in dropbox.

Edit;

I do like infuse, everything else in the app store is crap compared to it. I like the gui in infuse, it’s basically perfect for ipads, but it now looks like I will have to go the DLNA route, which I don’t like as a lot of files take ages and ages to start playing, we speaking multiple minutes.

Just to add, dropbox was my main way to get files for infuse as basically my entire library of stuff was already on dropbox, and half of it I don’t want shared with the world.

If anyone is wondering, serviio DLNA streamer / server works good with infuse.

Great questions! :slight_smile:

I moved your post to an existing thread where this was previously discussed.

Hi, my bad, I didn’t realise that there was a thread regarding the same topic, I did have a quick scan to see if there was one but I never saw any, cheers for the link / merge.:+1:t2: