Comment by necovek
6 days ago
Flatpak and Snaps are built to solve this. They do conflict with some expectations from users to be able to play around with things, though, so they do not have the penetration one might want.
6 days ago
Flatpak and Snaps are built to solve this. They do conflict with some expectations from users to be able to play around with things, though, so they do not have the penetration one might want.
They only cover the user-facing app part of the story. The rest of the system needs isolation and safeguards, too, including things like the desktop environment and whatever random daemon.
A solution that's integral to the system and not just loosely taped on is required.
For many services that was solved even earlier: that's why things like Docker, podman and VMs are so popular.
The hard bit is the desktop experience which is not fully there yet, but the technology is.
Docker style containerization technically works, but for desktop use I think is a rather heavy kludge and not really a solution.
It would be much more nice if e.g. daemons could have their privileges pared down to only exactly what they need to function and nothing more with a config file somewhere. This can somewhat be achieved with the user system, but that really doesn’t scale well and doesn’t suit the purpose all that well in some ways.
1 reply →
Flatpak provides very weak sandboxing compared to android. It was more about packaging and distribution than security.
https://docs.flatpak.org/en/latest/sandbox-permissions.html says otherwise.
Most apps not using tight hardening are for different reasons though (files/folders org).