Data Sandboxing using Graphs

In Tracker 3.0, the search index is divided into multiple graphs.

The filesystem indexer maintains the following graphs:

  • tracker:FileSystem: stores names of all files and folders that are indexed

  • tracker:Audio: stores metadata of audio files

  • tracker:Documents: stores metadata and contents of text and wordprocessor documents, spreadsheets, and presentations

  • tracker:Pictures: stores metadata of picture files

  • tracker:Videos: stores metadata of video files

  • tracker:Software: stores metadata of desktop and iso files

Applications inside a Flatpak sandbox access the search index via xdg-tracker-portal. They need to declare in advance which graphs they will access. Apps should only access graphs relevant to them, e.g. music player apps should only access the tracker:Audio graph.

The tracker:Documents graph is much more sensitive than the others, as documents are much more likely to contain private user information than other types of content, and the search index will store the contents of these files.

The xdg-tracker-portal does not provide a way for apps to actually read the files. It is intended only for listing and searching user content.

Notes:

  • queries are currently limited to a maximum of 10 graphs.

  • queries should always specify a graph because it's faster that way

Projects/Tracker/Documentation/Graphs (last edited 2020-06-01 13:26:11 by JeanFelder)