Goal
Harden Tauri security profile (CSP + least-privilege FS permissions)
Type
Technical + Security
Effort
M
Impact
High
Evidence
CSP is disabled (csp: null) in src-tauri/tauri.conf.json; capability includes broad fs:allow-remove in src-tauri/capabilities/default.json
First Implementation Step
Define explicit CSP policy and reduce/remove broad FS permissions not required by features
Goal
Harden Tauri security profile (CSP + least-privilege FS permissions)
Type
Technical + Security
Effort
M
Impact
High
Evidence
CSP is disabled (
csp: null) in src-tauri/tauri.conf.json; capability includes broadfs:allow-removein src-tauri/capabilities/default.jsonFirst Implementation Step
Define explicit CSP policy and reduce/remove broad FS permissions not required by features