I agree. I tend to avoid flatpak, since I don't usually have the time to debug access issues. The desktop integration doesn't seem good enough to give me an allow/block dialog each time. The current situation of "is the app I need a snap|flatpak|$os_pkg_format_here" seems to add a lot of fatigue to the experience.
This report would be better received if it wasn't from 4 years ago and posted on a domain named flatkill.org--seems 'politicized'.
Any shortcomings of sandboxing has to be compared with something else to be practically meaningful. A sandbox that works when an application is appropriately packaged is better than not running in one for all applications.
and most of the issues debunked by the flatpak dev, and bottles developer, in that same year, 4 years after that steam deck recomends flatpak, and portals are a lot more mature, that site need tobe taken down lmao
> Almost all popular apps on Flathub still come with filesystem=host or filesystem=home permissions
This is way oversold. That's true of "all popular apps" because those apps are legacy things written to run in the host filesystem and store state to the home directory. And there are good reasons to want to do this.
That's not an indictment of the technology, that's just saying that Thunderbird or whatever hasn't been ported to run in a sandbox yet. I mean, yeah. But why complain about the perfectly good sandbox technology and not the app?
Edit: this one is even worse:
> A perfect example is CVE-2019-17498 with public exploit available for some 8 months. The first app on Flathub I find to use libssh2 library is Gitg and, indeed, it does ship with unpatched libssh2.
So, that's a ssh client vulnerability. And indeed, you absolutely want your apps to ship current binaries with vulnerabilities patched, and this app didn't. So isn't it a good thing you deployed that app in a sandbox? Again, why complain about Flatpak when it likely is what's saving you from a client vulnerability?
Devil’s advocate on the last point about the libssh vuln: it would be in a sandbox, but if you do take that with the commentary that most apps have large areas of sandboxing disabled, then the sandbox isn’t effective in stopping exploitation of a vulnerability and the flatpak model has increased the chance of there being a vuln in the first place because bundled outdated deps are the natural end state of a flatpak without constant intervention.
Flatpack etc sandbox is shoehorned into a system that doesn't expect it.
You can't expect apps to migrate to something that a) promises to support the existing model, and b) also support the existing model.
What these app package formats should be doing is coming up with a new model and then asking people to support their model as if it were a new platform.
Similar to how thunderbird supports Linux Mac and windows.
That might actually result in both an access model that makes sense to end users and actually creates an app package formats that isn't full of trade offs and work arounds.
>> The first app on Flathub I find to use libssh2 library is Gitg and, indeed, it does ship with unpatched libssh2.
> So isn't it a good thing you deployed that app in a sandbox? Again, why complain about Flatpak when it likely is what's saving you from a client vulnerability?
Full file system read/write access
Can read and write all data on the file system
User runtime subfolder keyring
Can read and write all data in the directory
Network access
Has network access
Now instead of the lack of useful sandboxing reducing you to the same absence of protection as native distro packages, you're worse off.
The article complains about saying that the app is sandboxed. I don't want my ide to be sandboxed anyway, so just flagging that in the store should be enough.
Vscode on snap runs unconfined for example, that's explicit
Yep. I refuse to touch it. But we need a usable (and more documented) "QubeOS" including curated "app store" and app containment with overlay filesystems to separate data, OS, and application concerns sanely, predictably, and securely. XCP-ng implements O_DIRECT that allows zfs to be used as a backing store.
I really don't think the app model makes any sense for a Linux desktop anyways.
You need this sandboxing on the phone not because of security but because the developer of the app is untrusted, that's the opposite of Gimp / Krita / VLC or whatever else is packaged where the author is trusted and the sources are available.
nevermind root. The apps have unrestricted access to your filesystem under the same privileges as your user -- in other words, they have access to all your personal files and configurations and keys. Who needs root?
> nevermind root. The apps have unrestricted access to your filesystem under the same privileges as your user
Easy to get root anyway, just add an alias to sudo to .bashrc and whenever the user follows an online instruction guide into fixing something they'll get root privileges.
or overwrite LD_PRELOAD for the user
or replace the users desktop files and pretend to be another application (because you can overwrite /usr/share/applications launchers in .local/share/applications)
You can change sudo into an alias that steals your sudo password and then does whatever else.
Not that it makes a huge difference in practice, IMO. The apps most users run (i.e. distro apps) are plenty trusty for normal threat models. Apps that run real untrusted code (web browser) have their own sandboxes. And people with more serious threat models can run qubes or tails or whatever
This is a fair point but orthogonal to the one I was responding to. In any case, a lot of Flatpak's sandbox can be overridden at build time. The sandbox will protect the user against bugs but not as much against a malicious developer.
the sandbox overriden need tobe explaining for the app tobe added to flathub, and yes, they need allow some sandbox breakage until every app support portals, or flathub isn't going to have any app
Not the apps though. The packaging system yes, but whatever scripts run as part of the installation of a package is the package maintainer's responsibility. Not trusting your distro's package maintainers means you don't trust anything on your computer.
As in, any unrestricted process with user privileges on Linux can up to root through vulnerabilities in the kernel or other components. Namespaces, LSMs, and seccomp limit that exposure.
Trust is a part of security. "The developer is untrusted and may download a copy of all my emails if given access" is definitely a security / access control concern.
There's always doubt about software. Even if it's your software, the compiler or the distribution site can be compromised. It's not a technical problem - it's like saying "you shouldn't interact with people if there's any doubt about them".
The solution is choosing an acceptable level of trust and putting safeguards like sandboxing where possible. (And ideally monitoring on the possible violations)
This is too one size fits all. It's either "every package is untrusted" so the repo is useless, or it's "there's too many people to keep track of the trust level of" which is insecure.
It's much harder to make a trust bet like that than, in principle, to make a local decision like "Hmm, why is the xz tool requesting access to the ssh port? That doesn't seem right"
That's not a sufficient level of trust. The author should basically never be trusted and it's extremely difficult to verify that the source of what's available is the same as what's in the binary that you downloaded.
Just look at the xz backdoor... "Author trusted"...
We are always going to have much greater confidence in the security of the base OS than the security of random apps in the ecosystem.
You named some great applications that have seen a lot of scrutiny... But what if someone installs a malicious gimp plugin, or wants to use a closed source app like discord? Your argument falls apart quickly.
The end user doesn’t know, like, what bus-xyz or a socket is and if this app needs it!
The permissions may also change over time. Like a PDF reader may not need a particular permission unless you open a link or play an audio.
The apps have to be shipped in restricted mode, and ask user-understandable permissions. Basically, like phones.