We are aware of the issue with the badge emails resending to everyone, we apologise for the inconvenience - learn more here.

quarksparrow's avatar
quarksparrow
New member | Level 2
4 years ago
Status:
Closed

Manage Stricter App Permissions

I use various third party apps that sync files to dropbox (or scan folders for things like media files). These apps have edit permission to my ENTIRE account, even though they really only need access to one folder. I want to be able to specify which folders I grant access to for an app. Giving full access is a terrible security practice - even if I trust the app developers not to abuse it, if their app is compromised, that doesn't matter.

 

I realize that apps can request access to only a specific folder, but most do not do this. They ask for everything, because it's easier. As a user, I should be able to restrict what they're given when I grant access and accept the consequences of app instability if I take away something it wants. Even if apps apply bad security practices, DropBox has the power to enforce better ones, and should do so.

  • Walter's avatar
    Walter
    Icon for Dropbox Staff rankDropbox Staff
    Status changed:
    Not for right now
    to
    Closed
    This idea has been closed as it has reached the end of the Share an Idea process.
     
    Thank you for your suggestion, and if you have another idea to share, please do! 
  • Walter's avatar
    Walter
    Icon for Dropbox Staff rankDropbox Staff
    Status changed:
    Gathering Support
    to
    Not for right now

    Thank you for your idea, while we can’t take every idea forward we do regularly re-review and will update you if anything changes!

  • Walter's avatar
    Walter
    Icon for Dropbox Staff rankDropbox Staff
    Status changed:
    New
    to
    Gathering Support
    This idea is going to need a bit more support before we share your suggestion with our team. 
     
    We’ve updated the status to encourage more users to back you up! 
  • Welshdog's avatar
    Welshdog
    Explorer | Level 3

    I agree 100% with what you are saying. I just discovered this and find it more than a little disturbing. I was considering using Dropbox to sync an encrypted password manager file, but now that I see three other apps I use will have access to my entire Dropbox, I'm not so sure I want to do that. The decisions on what files an app has access to should be up to the account owner not some lazy app developer.

     

    I guess one solution is to create a new, separate Dropbox account that is used only for a specific app. That is inelegant and probably not what Dropbox wants people to do.