http://flatkill.org/ Flatpak - (is) a security nightmare
Having both (ppa and flatpak) listed in Software Manager confuses most users
I would like a have a separate flatpak-manager package - optional!
Just do a search for LibreOffice in Software Manager
- it gives you > 100 packages to choose from
Unhappy about Flatpaks in Software Manager
Forum rules
Do not post support questions here. Before you post read the forum rules. Topics in this forum are automatically closed 30 days after creation.
Do not post support questions here. Before you post read the forum rules. Topics in this forum are automatically closed 30 days after creation.
Re: Unhappy about Flatpaks in Software Manager
Yep, but only one of them is a flatpak. I don't like flatpaks, either, but I don't think a separate Software Manager is either necessary or even desirable for most users.
- Fred Barclay
- Level 12
- Posts: 4185
- Joined: Sat Sep 13, 2014 11:12 am
- Location: USA primarily
Re: Unhappy about Flatpaks in Software Manager
But (and I don't use flatpaks myself) escaping the sandbox isn't as bad as it sounds.
Is it undesirable? Highly? But even when it occurs, all your flatpaked (is that a word? ) app sees is what every other app in your system already sees. It's not getting any extra permissions as far as I can tell.
Now that local root exploit was bad! Using SUID is hard to get right! And to the team's credit, they got it fixed quickly: https://github.com/flatpak/flatpak/issues/845]
Re: Unhappy about Flatpaks in Software Manager
Except the expectation is different. If you install an app the regular way you (should) know that you give it full access to your system and vet it accordingly before installing it. If you install an app via flathub you're told that it's perfectly safe because it's sandboxed, so you may decide to install something potentially harmful thinking it cannot break out of the sandbox.Fred Barclay wrote: ⤴Tue Oct 16, 2018 6:56 pm But (and I don't use flatpaks myself) escaping the sandbox isn't as bad as it sounds.
Is it undesirable? Highly? But even when it occurs, all your flatpaked (is that a word? ) app sees is what every other app in your system already sees. It's not getting any extra permissions as far as I can tell.
Although to be fair, that's a consideration for only a very small number of people. The large majority of users couldn't care less about security, they just want a working app, that's why I think the approach of including the flathub source in Software Manager is the right thing to do. Nobody is forced to use it.
Re: Unhappy about Flatpaks in Software Manager
The PPA version of flatpak (currently 1.04) explicitly details every permission, if any, that its apps are requesting during installation. As you stated, most users could care less about security.gm10 wrote: ⤴Tue Oct 16, 2018 7:38 pm Except the expectation is different. If you install an app the regular way you (should) know that you give it full access to your system and vet it accordingly before installing it. If you install an app via flathub you're told that it's perfectly safe because it's sandboxed, so you may decide to install something potentially harmful thinking it cannot break out of the sandbox.