[xorcist]

Flatpaks are a potential security disaster where people learn to install software of questionable provenance, not much different from other desktop operating systems where users learn to click past the warning to install binaries found on random web pages.

[akimbostrawman]

People will do that anyways if not from 3rd party repos like incredibly popular AURs or PPAs then good old curl | sh.

Flatpaks at least have a sandbox that can be easily configured to protect the user, does not require elevated privileges and get some limited vetting on flathub. Not to mention additional security feature like portals.

[dangus]

I feel like flathub and many App Store-like programs that install flatpaks do a good job showing app permissions, whether the apps are OSS, and whether the developer is verified.

I don’t see how it’s significantly different than the status quo on Windows/Mac.