|
|
|
|
|
|
by emmelaich
2817 days ago
|
|
|
By default, flatpaks don't have r/w to your home. And setuid binaries have been blocked for a while (as the article says). Plus, selinux will have these things locked down on a system that uses selinux. I think the problem is part perception. Flatpak, like Docker is not primarily for security isolation. It's isolation for ease of deployment - to avoid dependency hell. Not saying Flatpak's failings are not a problem. Just keep some perspective. |
|
|