Gradience, Flatseal, Loupe Image Viewer, and Resources running on Ubuntu 16.04

Firefox 118.0.2 running on Ubuntu 16.04

Door Knocker, Collision, and Cartridges running on Ubuntu 16.04

ASHPD Demo running on Ubuntu 16.04, showing a notification through XDG portals

According to Door Knocker, almost half of the portals are unavailable on Ubuntu 16.04, compared to only one unavailable on Fedora 39 with GNOME, which means Flatpaks running here may have more limited capabilities than usual.

  • neo (he/him)@lemmy.comfysnug.space
    link
    fedilink
    English
    arrow-up
    2
    arrow-down
    5
    ·
    1 year ago

    Flatpak has relatively weak sandboxing, takes up a lot more storage because sometimes dependencies get bundled a few dozen times, and most distressingly depends on the application developer to be available to do things like address supply chain attacks.

    • Possibly linux
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      I don’t think you understand flatpaks. Flatpaks have dependencies such as the gnome or KDE frameworks. Those frameworks are only installed once so I’m not sure where you are getting the idea that they are installed multiple times.

      Also flatpaks usually come from flathub.org which is unlikely to be compromised. It not impossible but they seem to be pretty good about properly labeling apps.

    • halva@discuss.tchncs.de
      link
      fedilink
      arrow-up
      4
      arrow-down
      1
      ·
      1 year ago

      relatively weak sandboxing

      because xorg exists, not because flatpak can’t do sandboxing well

      dependencies get bundled a few times

      only if there’s a need to do so. identical runtimes are shared

      depends on the application developer to be available to do things like supply chain attacks

      yeah as if a rogue package maintainer can’t do the same