this post was submitted on 07 Jul 2024
102 points (94.0% liked)
Linux
48310 readers
645 users here now
From Wikipedia, the free encyclopedia
Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).
Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.
Rules
- Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
- No misinformation
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
Community icon by Alpár-Etele Méder, licensed under CC BY 3.0
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
a curse upon these distros for alarming people with such messages. they are meaningless and technically apply to every flatpak
They mean that the app has that permission. It is good that they let the user know the apps capabilities
Not for the average/casual user, which is why this post exists.
The average person will look at that and see the '!' in a triangle and became scared of what it can do to their system, even though it has no more permissions than a system package. Alternatively, they will become desensitized and learn to ignore it, resulting in installing flatpacks from untrusted and unverified sources.
Overall, I just think the idea around having to sandbox all flatpaks is not a good idea. To give a concrete example, Librewolf is marked as "potentially unsafe" because it has access to the download folder, but if I want to use it to open a file that isn't in "downloads" I have to use flatseal to give it extra permissions - it's the worst of both worlds! Trying so hard to comply with flatpak guidelines that it gets in the way of doing things, and still not being considered safe enough.
I don't know about this in depth, but from what another user in this thread said, a flatpak can't ask a portal to have access to two files at once. If I'm understanding correctly, that would explain why Librewolf needs permission to access ~/Downloads, since it can be downloading more than one file at once, and it needs access to all those files in ~/Downloads at the same time.
EDIT: I got a bit mixed up with what you were saying, but nevertheless, if this is true, then Librewofl would still need permission to access ~/Downloads and so be marked as "potentially unsafe".
Ah, thank you for the explanation, I think I get it.
I get what you mean. When updating Linux mint, the "This needs to get some additional packages too" window, relatively benign, has a big scary ⚠️/
/!\
on it.Felt the need to explain to the person I was installing it for. "That's totally normal, just look it over first and continue."
...like, it's gonna do that almost every time it updates, it doesn't need to look scary. :|
You shouldn't use Android then. It is way worse
It's not the distros, it's Flathub who provides those warnings.
Xournal seems pretty trustworthy to me, so I assume it's for code simplicity (or age) or not being made with Flatpak in mind - just 'open any file/full filesystem access'' (for basic functions like opening files) and 'change system settings' for probably only a few features that change system settings.
I agree the permissions are dangerous and I commend Flatpak for incentivizing developers to use granular permissions.
As others (and you yourself have said), Flatseal's entire purpose is to edit Flatpak lermissions, so that one shouldn't be alarming.