On 6/30/22 10:23, Michael Catanzaro wrote:
> I take a pretty dim view towards arguments about "Flathub is
> untrusted" and "Flathub packaging is poor" since proponents of these
> arguments conveniently ignore the fact that traditional RPMs are
> totally unsandboxed. [...]
>
> Opponents of Flatpak have had seven years since Flatpak launched to
> figure out an alternative model to make apps safe using firejail or
> bwrap or whatever, but nobody ever seriously did, and at this point
> the endgame has arrived with a *commanding* lead in favor of Flatpak.
> So it's time to move on.

There are two separate issues: sandboxing and library
duplication/lifecycle management. I agree that sandboxing is desirable,
but I don't think we should give up on the shared libraries, because of
their savings of memory and storage, and because of their better
security profile.

I see how RPM-driven flatpaks can actually mitigate the security
issue--presumably any vulnerability fixes/updates to system libraries
also end up in the rebuilt flatpaks, so they would not rot in place.
Still, the library/runtime duplication bothers me and I hope that there
will be some technical solution to it.