When you use flatpaks from the command line, there is no warning about what permissions will be used by that flatpak, and whether or not this is proprietary software. Again, much worse than what we are used to with regular packages.

#flatpak #linux #permissions #license

In practice, you can expect flatpak to be used by proprietary software to spread malware on Linux.

@LinuxClaude Nope. Many flatpaks have permissions that go beyond their containers. Flatpaks that have access to nothing outside of their own environment are the tiny minority.

@boilingsteam

What Flatpak apps do you know can modify the system and possibly spread malware?

@LinuxClaude Any flatpak that has access to wide system permissions and network has potential to track your files and your network... and other applications if they use X11, too. Of course, I am talking about proprietary software here, which can be (and is) distributed via flatpak these days on flathub.

@boilingsteam

So you have no example. You're imagining that maybe... I'm not an expert, but I don't think it could happen.

@LinuxClaude @boilingsteam ugh.. security doesn't work that way. If there's a way, there's a malware package waiting for you, regardless of you having paranoia or not.
You can't promise "security" by allowing, effectively, full system access by 3rd party code.

Unless there's something like OCap in place, the security is a theatre and a disaster waiting to happen.
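
The first post notes that the command line gives no warning about a flatpak's permissions. As an added example (not part of the thread), this Python code reads an app's metadata, as printed by `flatpak remote-info --show-metadata <remote> <app-id>`, and flags the grants the thread names: wide filesystem access, network and X11. The sample metadata and the names `audit_metadata`, `BROAD_FS` and `SAMPLE` are constructed for illustration.

```python
import configparser

# Filesystem grants that expose most of the user's or host's files.
BROAD_FS = {"host", "host-os", "host-etc", "home"}

# Constructed sample in flatpak's metadata keyfile format (not a real app).
SAMPLE = """\
[Application]
name=org.example.App
runtime=org.freedesktop.Platform/x86_64/23.08

[Context]
shared=network;ipc;
sockets=x11;pulseaudio;
devices=dri;
filesystems=home;xdg-download:ro;
"""

def _items(ctx, key):
    """Split a keyfile list such as 'x11;pulseaudio;' into its entries."""
    return [v for v in ctx.get(key, "").split(";") if v]

def audit_metadata(text):
    """Return (category, entry) pairs for permissions that weaken the sandbox."""
    cp = configparser.ConfigParser(delimiters=("=",), interpolation=None, strict=False)
    cp.optionxform = str  # keyfile keys are case-sensitive
    cp.read_string(text)
    if not cp.has_section("Context"):
        return []  # no [Context] section: nothing to check here
    ctx = cp["Context"]
    findings = []
    for fs in _items(ctx, "filesystems"):
        # "!host" revokes access; "home:ro" is still read access to every file.
        if not fs.startswith("!") and fs.split(":")[0] in BROAD_FS:
            findings.append(("filesystem", fs))
    if "network" in _items(ctx, "shared"):
        findings.append(("network", "shared=network"))
    for sock in _items(ctx, "sockets"):
        # X11 clients can observe other X11 applications on the same display;
        # fallback-x11 grants this only when no Wayland session is available.
        if sock in ("x11", "fallback-x11"):
            findings.append(("x11", sock))
    return findings

if __name__ == "__main__":
    for category, entry in audit_metadata(SAMPLE):
        print(f"{category}: {entry}")
```

For an app that is already installed, `flatpak info --show-permissions <app-id>` prints the same permission sections.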
