undefined | Better HN

0 pointskiwijamo1y ago0 comments

Installing Flatpak itself requires root, which means it's adding just a little more attack surface just to use Flatpak. Not a big concern of mine but I can understand why some might prefer not to.

0 comments

2 comments · 1 top-level

hedora1y ago· 1 in thread

Also, until I hear otherwise, I’m assuming “the sandbox is still a lie” continues to hold:

https://flatkill.org/2020/

Though, that page says they at least try to make it not setuid root these days. Also relevant: https://xkcd.com/1200/

fph1y ago

Interesting read! But from what I understand from the permissions reported in https://flathub.org/apps/io.gitlab.librewolf-community , the Librewolf flatpak does not have access to the user home folder, which is the main security issue reported in that page.

j / k navigate · click thread line to collapse