Ah okay, I think I’ve got it.
The file selector doesn’t just select the file, it creates special permissions that give access to a particular file.
I had stuck to the old model: the sandbox blocks access to folders and everything linked to the application runs in the sandbox (as in my example with MarkText).
So I just did the test:
If I remove the permissions in FlatSeal, even if I enter the name of a file by hand, it can’t open it (the application can’t see it). But I can open it with the file selector, which will change the file’s permissions, allowing it to be opened in the app.
And if in Flatseal I authorize the download folder, I can actually open my files by entering the path directly, without going through the selector, and it works. But it doesn’t work for the other folders.
So that seems normal, but it’s confusing. I used to have a file selector in the sandbox.
From a security point of view, I’m not really convinced, but I guess it’s well done.
Thanks for your answers and sorry for my slow thinking ;(