by masspro 763 days ago
Devil’s advocate on the last point about the libssh vuln: it would be in a sandbox, but if you do take that with the commentary that most apps have large areas of sandboxing disabled, then the sandbox isn’t effective in stopping exploitation of a vulnerability and the flatpak model has increased the chance of there being a vuln in the first place because bundled outdated deps are the natural end state of a flatpak without constant intervention.