I’m not completely sure but don’t flatpaks offer good sandboxing. If they do it could be a good idea for people who use/need proprietary software like steam and zoom so when you run those programs at least it can’t read through your files and stuff
You don’t need to break everything that exists, cause maintenance issues and incur that much overhead to have sandboxing. The security features that allows sandboxing in the first place are also available for regular binaries not installed in some weird ways, with all their advantages and flaws.
Snap is just Canonical’s way of getting more control over things. The only upside of Snap was “easier distribution”, which turned out to not be that true. The downsides, however, especially regarding maintenances and software updates, are very real.
I’m not completely sure but don’t flatpaks offer good sandboxing. If they do it could be a good idea for people who use/need proprietary software like steam and zoom so when you run those programs at least it can’t read through your files and stuff
You don’t need to break everything that exists, cause maintenance issues and incur that much overhead to have sandboxing. The security features that allows sandboxing in the first place are also available for regular binaries not installed in some weird ways, with all their advantages and flaws.
Snap is just Canonical’s way of getting more control over things. The only upside of Snap was “easier distribution”, which turned out to not be that true. The downsides, however, especially regarding maintenances and software updates, are very real.
about flatpak’s sandboxing: https://madaidans-insecurities.github.io/linux.html#flatpak