My understanding is that flatpaks run in a sandbox, so although there is a risk- especially for what you give permissions to- it’s not exactly the same. The AUR is basically “curl | bash”, it’s a miracle this hasn’t happened before. If you’re worried about it I think flatseal can look at the permissions and such, but you’re probably fine.
Just check the permissions of an app before installing. Bazaar has a gauge for how “safe” an app is based on permissions. If it doesn’t request internet, filesystem access, and other powerful permissions, it’ll be marked as the safest.
Really it’s the same as docker. It’s secure most of the time, but don’t come crying about getting hacked if you give all your containers access to /dev, host networking, etc
While they are sandboxed, there is still potential for them to cause harm. Its in theory a safer system, but nothing is full proof. I’d agree that its likely fine but best to be cautious
Could the same thing happen on Flathub? Considering the number of unverified packages on the platform
My understanding is that flatpaks run in a sandbox, so although there is a risk- especially for what you give permissions to- it’s not exactly the same. The AUR is basically “curl | bash”, it’s a miracle this hasn’t happened before. If you’re worried about it I think flatseal can look at the permissions and such, but you’re probably fine.
Nope, the security is basically a gate in the middle of a field.
Just check the permissions of an app before installing. Bazaar has a gauge for how “safe” an app is based on permissions. If it doesn’t request internet, filesystem access, and other powerful permissions, it’ll be marked as the safest.
Really it’s the same as docker. It’s secure most of the time, but don’t come crying about getting hacked if you give all your containers access to /dev, host networking, etc
“App with access to files can access files”
Yeah that post is 5 years old, I would think a lot of that has changed by now
Ha! That sucks. I appreciate that article but now I’m having a little bit of an existential crisis.
Well shit.
While they are sandboxed, there is still potential for them to cause harm. Its in theory a safer system, but nothing is full proof. I’d agree that its likely fine but best to be cautious