I got an app rejected with the following complaint:
Thanks for the app. It was rejected, though, as after the removal of the app there were files left in the following forbidden locations:
f/- 0644/0000 32768/0 /home/defaultuser/.qmf/database/qmailstore.db-shm
f/- 0644/0000 8272/0 /home/defaultuser/.qmf/database/qmailstore.db-wal
The allowed folders are:
[...]
Okay.
Now, my app is properly sandboxed, with only the Audio permission, and a pure QML app. So I couldn’t create these files even if I wanted.
What I do have in the app though, is a mailto: link in the about page (launched on click through Qt.OpenUrlExternally()).
I guess whoever tested that app clicked this, and it launched the Email app, causing the ~/.qmf/database/qmailstore.db to be opened, and sqlite creating these files.
I could fix this, probably, by including the Email permission, as that does grant access to ~/.qmf.
So, would that resolve the complaint?
I would be reluctant to do that on grounds of the “Principle of least privilege” - the app really doesn’t need Email access, and that permission pulls in several others, like Internet and AppLaunch.
That being said, I guess Harbour Testers use some kind of script to detect things like these - and I would suggest to add these sqlite files in well-known locations to some kind of whitelist.
)