by yjftsjthsd-h
766 days ago
>> The first app on Flathub I find to use libssh2 library is Gitg and, indeed, it does ship with unpatched libssh2.

> So isn't it a good thing you deployed that app in a sandbox? Again, why complain about Flatpak when it likely is what's saving you from a client vulnerability?

Because it's not!

https://flathub.org/apps/org.gnome.gitg

> gitg is potentially unsafe
>
> Full file system read/write access
> Can read and write all data on the file system
>
> User runtime subfolder keyring
> Can read and write all data in the directory
>
> Network access
> Has network access

Now instead of the lack of useful sandboxing reducing you to the same absence of protection as native distro packages, you're worse off.