I like how the app name is blacked out so as not to dox the flathub app.
It’s nice to see good app security being praised. Sometimes it feels like some people on lemmy (and the fediverse) throw security to the wind.
Like one time I had heard someone over on Mastodon say that they thought that HTTPS was too overused and shouldn’t have been everywhere because it makes older apps unable to access sites and also made adblocking just ever so slightly harder.
Which yeah, I love adblockers, but I’m definitely not comfortable with all traffic having to go unencrypted just for it.
But my 1998 Windows CE device that’s made obsolete by those meddling modern security practices!
Still not worth dependency hell.
Flatpak reduces dependency hell… and proper sandboxing has nothing to do with dependency hell.
What really needs to happen:
Flatpak packages should ask for every permission they need, and the user needs to approve every one of them.
Right now, we have this weird in-between state where some flatpak packages ship with limited permissions (like Bottles). That’s because every permission the package asks for is immediately granted. The user doesn’t get a chance to refuse these requests. This current model serves to make life more difficult for non-malicious flatpak packagers while failing to protect users from malicious packages.
Also, GNOME needs a Flatpak permissions center like KDE. You shouldn’t need to install a third party program to manage permissions.
it’s weird that android and ios already provide this but THE container standard doesn’t