cross-posted from: https://infosec.pub/post/15781466
Am I out of touch?
No, it’s the forward-thinking generation of software engineers that want elegant, reliable, declarative systems that are wrong.
This often means unofficial builds that aren’t from the developer that sometimes have sandbox-specific issues the devs didn’t contemplate because they don’t actually do flatpaks. If someday the random bob who is neither the original developer nor some trusted individual connected to the distro is hacked, they may push out a malware-enabled update that pwns all the people who automatically update in short order. This doesn’t seem like a security-increasing feature.
Yes you’re right. Unofficial Flatpaks aren’t ideal and pose a security risk. Just like many convenience workarounds for apps that aren’t officially packaged, such as COPR, PPAs, AUR and the always great `curl https://github.com/dev/repo/main/install.sh | bash`. Not having a convenient way to install or update is a security risk too of course. You’ll probably end up with outdated software.
But both Flatpaks and the Wayland desktop have a focus on sandboxing as a security measure, and when implemented properly (official verified flatpak / app that uses the Wayland API), they can both increase security. In practice, yes, the weakest link is the problem of course. Hopefully soon, the vast majority of Linux apps will run either native Wayland or as flatpaks and that will significantly decrease the attack surface for the Linux desktop.