12/26/2023 0 Comments Reddit sandboxie![]() Legacy apps that need it will ask for it, but it can be denied. X11 is insecure, if you have it installed and use it, your OS is insecure. Permission can be denied by the system or the user. Every Flatpak app is sandboxed and can only access parts of the system by explicitly asking for permission. The ecosystem is not ready for that yet, but the security features are there, flatpak does provide a security sandbox. That's exactly how security is supposed to work.įlatpak does provide an effective security sandbox, but as you yourself said on this very article, app developers need to sign in to security for it to actually work. You only proved that explicitly asking for a permission in Flatpak effectively gives said permission, nothing more. If you deny the respective permissions, none of your “exploits” would have worked. Permissions must be requested explicitly. You yourself acknowledge that Flatpak is built on bubblewrap, an effective sandboxing tool. Though, the main argument is either unclear to me, or very flawed. It is an interesting and informative article, thanks for taking the time for writing. I absolutely dont like the current security landscape on the desktop, and mobile phones and tablets have in theory secure sandboxes, but they have different problems so all in all they are just as insecure as desktop operating systems. ![]() ![]() it can be picked or your windows can be broken by a simple brick, but it is still better than leaving your door wide open for everyone to enter. I think most malware (or big known software like Discord, Spotify, Visual Studio Code, just to name a few) probably does not try to escape sandboxes but simply tried to read or write the files it is interested in, so Flatpak and Flatseal probably provide more privacy than nothing. I dont know if such malware, or normal malware, ever was on Flathub, and if it was, how long it took before being discovered and removed. but yeah, you can be unlucky and just download it just before it gets removed. However such a software would quickly be discovered and removed from e.g. If a malicious software is run via Flatpak, it could use X11 to send keystrokes to your desktop that open a new terminal window and enter commands there. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |