that website is such a joke, I can’t believe the guy’s still paying for the domain name… The whole argument boils down to “Many flatpak apps don’t make use of the sandbox by default, which is <somehow> less secure than not having a sandbox at all” and “this one app I like doesn’t work in flatpak, therefore all of it is bad”.
…unless it literally is a joke and I’m just missing out on the sarcasm?
Its only worse than not having it at all in the sense of giving users a false sense of security. Imagine if apps on mobile could decide what permissions they want automatically granted without the user opting in. The sandbox HAS to be enforced by default to be good. And the other issue with flatpak is the security, which we had several problems with in the past. On the same note, people criticise snap but its a much more competent solution from a technical standpoint regarding security and since people get all their apps from flathub anyways, the “propreitary” backend is mostly irrelevant. And before anyone says “snap store had malware hosted” that is not an issue with the format itself but the infrastructure.
Its only worse than not having it at all in the sense of giving users a false sense of security.
Flathub’s website has a bigass banner telling you if an app requires permissions that they consider dangerous. And flatpak’s CLI tells you what permissions are needed when installing an app. It’s pretty hard to miss, no?
flatkill.org
that website is such a joke, I can’t believe the guy’s still paying for the domain name… The whole argument boils down to “Many flatpak apps don’t make use of the sandbox by default, which is <somehow> less secure than not having a sandbox at all” and “this one app I like doesn’t work in flatpak, therefore all of it is bad”.
…unless it literally is a joke and I’m just missing out on the sarcasm?
Its only worse than not having it at all in the sense of giving users a false sense of security. Imagine if apps on mobile could decide what permissions they want automatically granted without the user opting in. The sandbox HAS to be enforced by default to be good. And the other issue with flatpak is the security, which we had several problems with in the past. On the same note, people criticise snap but its a much more competent solution from a technical standpoint regarding security and since people get all their apps from flathub anyways, the “propreitary” backend is mostly irrelevant. And before anyone says “snap store had malware hosted” that is not an issue with the format itself but the infrastructure.
Also. Maintaining snap packages are easier for developers, and companies, therefore they are more likely to distribute apps on Linux to begin with.
Flathub’s website has a bigass banner telling you if an app requires permissions that they consider dangerous. And flatpak’s CLI tells you what permissions are needed when installing an app. It’s pretty hard to miss, no?
This is still not a reason to automatically grant them. This permission model is fundamentally flawed. Besides, the CLI doesn’t even show these.