Is Full Dropbox access really necessary?

Smudge
Smudge
Community Member
edited November 2012 in iOS
I'm very conscious about my security and something that has bothered me for a while now is that 1P is configured to need full access to my entire Dropbox. I was really hoping that with v4 that you would switch to using the sandboxed App Folder access level but as of 4.0b32, it is still using the Full Dropbox level.

My experience with the Dropbox API is limited, especially compared to your developers, but from what I understand, Full Dropbox access is a lot more work to maintain in your code than if you choose the App Folder level. Have your developers looked into switching?

Doing this might also help to fulfill a long-standing request by many users of the ability to have multiple 1P data files (personal, work, family shared, etc). It could create separate folders for each data file. When you are running 1P, you could have the option to switch between the data files (similar to the demo data).


I can see that this would be more work as you would also need to update the Mac and Windows desktop versions to use the new location. Perhaps have it configured to check the App Folder first and if it doesn't exist, use the Full Dropbox level. Once it finds the 1P data file, it could notify the user that it needs to migrate to the App Folder level for future compatibility.

Just a though. Please seriously consider this for a future enhancement. I'm becoming more frustrated with all the apps requiring full access when it just isn't necessary.

Comments

  • thightower
    thightower
    Community Member
    edited November 2012
    Dropbox app folders aka limited access cannot be shared between accounts. Thus the wife and I cannot share a single keychain between our 2 Dropbox accounts.

    This is how Dropbox setup the apps folders they would need to institute a change to accommodate sharing of the keychain etc.

    This would amount to a huge headache for me and many like myself.

    You mention shared family keychain this would not be possible without full access unless you all share a Dropbox account.

    Apps folders do have there place but unfortunately for me until Dropbox changes there setup. I doubt it will change they do things there own way and as they see fit. I know I am a moderator there as well.

    iCloud is already setup as a user based ID system and is causing issues as to why folks cannot share data. That's honestly why I never have and probably never will embrace iCloud fully.

    Your last remark I do like. If I am not mistaken Vimeo can use either the app folder or full Dropbox. I could see this (using both full and app folder) as an enhancement that could suit all parties. While adding piece of mind to those who do not want full Dropbox access and do not share a data file.
  • Hi Smudge,

    Great questions:

    1. Like Tommy said, apps folders cannot be shared, this is used by a lot of our users, it is too big of a restriction at the moment. Not only family but businesses who shares the same data file across many employees can't do this either.
    2. Majority of our users would have to change and move to this newer structure (not as easy as it sounds like, based on our previous experience on this already), this is also too big to migrate and doesn't really justify the move until Dropbox can provide more reasons to do so.
    3. Providing such a limited access does not really make it possible to switch the data file in the 1Password app at any given moment, that is never the reason why we can't do this. 1Password itself can switch and read different data files but the app itself is not designed to do so when considering the complex network it is in, such as the syncing implementations and how it affects your browser extensions on desktop, backups and so on. It's not as simple as having a special container for storing the data files.
    4. The demo data file is not technically separate data file on disk, we're storing an export file of the demo database and are recreating the data file in memory each time you use it. That's why when you kill the app or unlock with your master password, the data is reset.
    5. If we do what you suggested in the last part, about switching access levels, that's already more work than it is to do the full Dropbox access only.

    We're not saying that we won't go limited apps folder in the future but right now, it doesn't give any huge benefits for our customers to justify the move. Eventually as Dropbox continues to improve their APIs and add more features, it'll start to look good.

    We also have to be conservative here, the sandbox/limited APIs are still new to Dropbox. Dropbox tend to switch around with their SDKs until they're sure about going one way. We had some nasty experience about this in the past, so we want to stick with something that'll be stable for a few years without any sudden disruption.

    The good news is that as we expand our sync solutions, this time including iCloud, it'll be less painful if when we do change the APIs in the app in the future as customers will have a fallback sync option if they're not happy with the changes (in this case, the apps folder cannot be shared part).

    I hope this helps.
This discussion has been closed.