Basically title.

I’m wondering if a package manager like flatpak comes with any drawback or negatives. Since it just works on basically any distro. Why isn’t this just the default? It seems very convenient.

  • Zamundaaa@discuss.tchncs.de
    link
    fedilink
    English
    arrow-up
    2
    ·
    9 months ago

    Instead of bluntly blocking things why can’t Flatpak just simulate a full environment and just prompt the user whenever some application wants to read/write to file / unix socket at some path?

    Because the user getting a hundred popups on app start for various files the app needs isn’t exactly a usable experience. Also, blocking the app’s main thread (which is the only way you could do this) is likely to break it and cause tons of user complaints too.

    Aside from apps using the APIs meant for the purpose of permission systems, there’s no good way to make it work.

      • Zamundaaa@discuss.tchncs.de
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        9 months ago

        until apps can declare on a simple config file what paths they require

        They can, and always could. Apps aren’t doing it, most Flatpaks have just blanket “allow ~/Downloads” or “allow all of home” permissions by default - or no file permissions, and you have to go grant them manually yourself.

        Again, unless apps actually support it, no matter how good the security system is, it won’t work out.