Unhappy about Flatpaks in Software Manager

Chat about just about anything else
arty
Level 1
Level 1
Posts: 1
Joined: Tue Oct 16, 2018 4:04 pm

Re: Unhappy about Flatpaks in Software Manager

Post by arty » Tue Oct 16, 2018 4:23 pm

http://flatkill.org/ Flatpak - (is) a security nightmare

Having both (ppa and flatpak) listed in Software Manager confuses most users
I would like a have a separate flatpak-manager package - optional!

Just do a search for LibreOffice in Software Manager
- it gives you > 100 packages to choose from :(

gm10
Level 12
Level 12
Posts: 4192
Joined: Thu Jun 21, 2018 5:11 pm

Re: Unhappy about Flatpaks in Software Manager

Post by gm10 » Tue Oct 16, 2018 4:44 pm

arty wrote:
Tue Oct 16, 2018 4:23 pm
I would like a have a separate flatpak-manager package - optional!

Just do a search for LibreOffice in Software Manager
- it gives you > 100 packages to choose from :(
Yep, but only one of them is a flatpak. I don't like flatpaks, either, but I don't think a separate Software Manager is either necessary or even desirable for most users.

User avatar
Fred Barclay
Level 12
Level 12
Posts: 4156
Joined: Sat Sep 13, 2014 11:12 am
Location: Bumping around in the bush

Re: Unhappy about Flatpaks in Software Manager

Post by Fred Barclay » Tue Oct 16, 2018 6:56 pm

arty wrote:
Tue Oct 16, 2018 4:23 pm
http://flatkill.org/ Flatpak - (is) a security nightmare
But (and I don't use flatpaks myself) escaping the sandbox isn't as bad as it sounds.
Is it undesirable? Highly? But even when it occurs, all your flatpaked (is that a word? :P) app sees is what every other app in your system already sees. It's not getting any extra permissions as far as I can tell.

Now that local root exploit was bad! Using SUID is hard to get right! And to the team's credit, they got it fixed quickly: https://github.com/flatpak/flatpak/issues/845]
Image
"Once you can accept the universe as matter expanding into nothing that is something, wearing stripes with plaid comes easy."
- Albert Einstein

gm10
Level 12
Level 12
Posts: 4192
Joined: Thu Jun 21, 2018 5:11 pm

Re: Unhappy about Flatpaks in Software Manager

Post by gm10 » Tue Oct 16, 2018 7:38 pm

Fred Barclay wrote:
Tue Oct 16, 2018 6:56 pm
But (and I don't use flatpaks myself) escaping the sandbox isn't as bad as it sounds.
Is it undesirable? Highly? But even when it occurs, all your flatpaked (is that a word? :P) app sees is what every other app in your system already sees. It's not getting any extra permissions as far as I can tell.
Except the expectation is different. If you install an app the regular way you (should) know that you give it full access to your system and vet it accordingly before installing it. If you install an app via flathub you're told that it's perfectly safe because it's sandboxed, so you may decide to install something potentially harmful thinking it cannot break out of the sandbox.

Although to be fair, that's a consideration for only a very small number of people. The large majority of users couldn't care less about security, they just want a working app, that's why I think the approach of including the flathub source in Software Manager is the right thing to do. Nobody is forced to use it.

ajgringo619
Level 4
Level 4
Posts: 483
Joined: Thu Mar 01, 2018 8:36 pm
Location: San Diego, California

Re: Unhappy about Flatpaks in Software Manager

Post by ajgringo619 » Tue Oct 16, 2018 7:51 pm

gm10 wrote:
Tue Oct 16, 2018 7:38 pm
Except the expectation is different. If you install an app the regular way you (should) know that you give it full access to your system and vet it accordingly before installing it. If you install an app via flathub you're told that it's perfectly safe because it's sandboxed, so you may decide to install something potentially harmful thinking it cannot break out of the sandbox.
The PPA version of flatpak (currently 1.04) explicitly details every permission, if any, that its apps are requesting during installation. As you stated, most users could care less about security.
[Mint 19 XFCE, AMD FX-8350 Eight-Core w/16 GB RAM, 4.15.0-39-generic, GeForce GTX 960 w/Nvidia 410.73]
Image

Post Reply

Return to “Open chat”