Hacker News new | past | comments | ask | show | jobs | submit login

Agreed. Things don't have to be perfect. They just have to be a little better than alternatives.



I agree with that, flatkpak is very much work in progress. A lot of packages are still unofficial. Some software are also not meant to be sandboxed and do require access to the whole file system. I do think it is going in the right direction though.

The author is also mistaking Gnome Software (the gui for managing apps in gnome that has a flatpak backend) and flatpak itself. Marking the app as Sandboxed when it's not is a gnome software issue, not flatpak.


Things don't have to be perfect, but they need to be honest.

To state that an application with full access to the host's filesystem is "sandboxed" is surely very harmful and very misleading.


It is sandboxed, sandboxed in this context just does not say anything about filesystem access. But it still says something about how it is running and again most people would exect something like gimp to have access to the host filesystem when they install it. You have options to whitelist specific directories in flatseal if you want to restrict it more.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: