Hacker News new | past | comments | ask | show | jobs | submit login

flatpak permissions + Wayland are (imo) some of the best things happening on Linux right now. You could always kind of do the same stuff with containers and custom wrappers around each program, but it's really cumbersome.

I want this to be the normal. Right now, it's basically a free for all -- record the screen, send network requests, fingerprint hardware, scan for files, examine other processes. The default, out-of-the-box security settings for most distributions are unacceptable.

I'm really excited to see that sandboxing on native is starting to move in the same direction as the web; I'm hoping that within the next year or two we start to see dramatic improvement here.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact