Imagine your friend that does not know anything about linux, don’t you think this would make them not install the firefox flatpak and potentially think that linux is unsafe?

I ask this because I believe we must be careful and make small changes to welcome new users in the future, we have to make them as much comfortable as possible when experimenting with a new O.S

I believe this warning could have a less alarming design, saying something like “This app can use elevated permissions. What does this mean?” with the “What does this mean?” text as a clickable URL that shows the user that this may cause security risks. I mean, is kind of a contradiction to have “verified” on the app and a red warning saying “Potentially unsafe”, the user will think “well, should I trust this or not??”

  • raspberriesareyummy@lemmy.world
    link
    fedilink
    arrow-up
    12
    arrow-down
    4
    ·
    5 months ago

    isn’t flatpak by definition relying on a second software source, hence 2x as much risk as relying on a single source (your OS repo)?

      • raspberriesareyummy@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        5 months ago

        beyond root processes, none that I am aware of. Hence I configured all my internet applications and steam to run in a jail :) firejail & bubblewrap come as native packages, unlike the flatpak contents

        • AProfessional@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          4 months ago

          It’s very accurate. A distro will audit a few packages they deem high risk, such as suid binaries. Once an audit is complete they will often not re-audit it. At that point you rely on third parties for audits.

          Flatpak is sometimes, not always, simply a more secure package. You can audit the sources like anywhere else.