should i be worried installing these two? what does it mean though?

(these are captured from Pop! OS software manager)

  • The_Terrible_Humbaba@slrpnk.net
    link
    fedilink
    arrow-up
    6
    arrow-down
    3
    ·
    5 months ago

    Not for the average/casual user, which is why this post exists.

    The average person will look at that and see the ‘!’ in a triangle and became scared of what it can do to their system, even though it has no more permissions than a system package. Alternatively, they will become desensitized and learn to ignore it, resulting in installing flatpacks from untrusted and unverified sources.

    Overall, I just think the idea around having to sandbox all flatpaks is not a good idea. To give a concrete example, Librewolf is marked as “potentially unsafe” because it has access to the download folder, but if I want to use it to open a file that isn’t in “downloads” I have to use flatseal to give it extra permissions - it’s the worst of both worlds! Trying so hard to comply with flatpak guidelines that it gets in the way of doing things, and still not being considered safe enough.

      • The_Terrible_Humbaba@slrpnk.net
        link
        fedilink
        arrow-up
        1
        ·
        edit-2
        5 months ago

        I don’t know about this in depth, but from what another user in this thread said, a flatpak can’t ask a portal to have access to two files at once. If I’m understanding correctly, that would explain why Librewolf needs permission to access ~/Downloads, since it can be downloading more than one file at once, and it needs access to all those files in ~/Downloads at the same time.

        EDIT: I got a bit mixed up with what you were saying, but nevertheless, if this is true, then Librewofl would still need permission to access ~/Downloads and so be marked as “potentially unsafe”.

    • MonkeMischief
      link
      fedilink
      arrow-up
      2
      ·
      5 months ago

      I get what you mean. When updating Linux mint, the “This needs to get some additional packages too” window, relatively benign, has a big scary ⚠️/ /!\ on it.

      Felt the need to explain to the person I was installing it for. “That’s totally normal, just look it over first and continue.”

      …like, it’s gonna do that almost every time it updates, it doesn’t need to look scary. :|