flathub-infra / linux-store-frontend

A web application to browse and install applications present in Flatpak repositories. Powers https://www.flathub.org
Apache License 2.0

Display sandboxing permissions #122

Open MayeulC opened 6 years ago

MayeulC commented 6 years ago

It would be nice to list permissions that are required by an app: access to file-system, D-bus, X11, etc; directly on the website.

digitalethics commented 4 years ago

I think this is an extremely important issue and should be prioritized. I'd also hope to have clearly visible information of how Flatpak security is different when running Wayland. Technical writing should be easy to understand and come with clear terminology intended to be read by end-users and not developers.

ssokolow commented 3 years ago

This is probably the number-one thing I check when considering installing something through Flatpak and it's very annoying right now to have to keep https://github.com/flathub/ open in another tab, paste over the package name, and then dig into the repo to check finish-args.

(If the permissions are tight enough, I'll install through Flatpak. Otherwise, I try to find something from the core Debian/Ubuntu repos since I trust them more in the face of a potentially nefarious party infiltrating/taking over the upstream.)

bilelmoussaoui commented 3 years ago

> This is probably the number-one thing I check when considering installing something through Flatpak and it's very annoying right now to have to keep https://github.com/flathub/ open in another tab, paste over the package name, and then dig into the repo to check finish-args.

Doing flatpak install x already displays the list of permissions of X. You can also revoke permissions you think the app shouldn't use? need? or add new ones. There's a UI utility called Flatseal for managing those permissions as well.

ssokolow commented 3 years ago

Yes. If it didn't, I'd never install Flatpak packages... however, I don't feel comfortable with intentionally going through a "Please install this" "Are you sure?" "No" workflow for checking manifests and, if I were any less dedicated to sandboxing things, I'd just stick to using APT for anything available from the core repositories in a version new enough to meet my needs.

(Which, since my nVidia binary drivers are one of the only closed-source non-game packages on my system, is over 99% of packages. I think the only PPAs I run are TDE, CDEmu, and deadsnakes (old Python versions for tox testing my creations), with TDE only being used because, the last time I tried the KDE 4 version of BasKet Note Pads, my existing data caused it to hang on startup.)

As for Flatseal, I use that too... the question is "Do I go with something the maintainer feels will work with these permissions where I trust the mechanism that lists and enforces them or do I go with something where I'd need to manually add Firejail but I trust the maintainer more?"

(And it'd help if I'd had time to figure out the flatpak override equivalent to using dpkg --get-selections > packages.list and dpkg --set-selections < packages.list so I could feel comfortable with backing up and restoring my overrides for use with the Ansible script I maintain to reinstall my desktop after running the Kubuntu installer.)
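Two points in the thread above, that `flatpak install` prints the permission list and that `flatpak override` can revoke entries, and the later wish to back up and restore those overrides, both come down to the same data: Flatpak's INI-style metadata file (the `[Context]` and bus-policy groups generated from `finish-args`) and the override file in the same format. The following is an added example, not code from linux-store-frontend or from Flatpak itself. It parses constructed sample copies of both files, applies the override's `!entry` negations to compute the effective permissions, and flags the broad ones a website or a user would want highlighted. The file locations named in the comments are the documented Flatpak paths and are assumptions here; the sample contents are made up.

```python
"""Compute the effective sandbox permissions of a Flatpak app from its
metadata plus an optional user override (both INI-style, same key layout).

Added example for this thread, not code from linux-store-frontend or Flatpak.
The two inputs below are constructed samples; on a real system the files are
(assumed, per Flatpak docs) /var/lib/flatpak/app/<id>/current/active/metadata
and ~/.local/share/flatpak/overrides/<id>. Backing up the overrides directory
and restoring it later preserves exactly what `flatpak override` wrote."""
import configparser

# Constructed sample: the [Context] / bus-policy groups of an app's metadata.
SAMPLE_METADATA = """\
[Application]
name=org.example.Editor
runtime=org.freedesktop.Platform/x86_64/23.08

[Context]
shared=network;ipc;
sockets=x11;wayland;pulseaudio;
devices=dri;
filesystems=host;xdg-download;

[Session Bus Policy]
org.freedesktop.Notifications=talk
org.freedesktop.Flatpak=talk
"""

# Constructed sample: a user override that removes X11 and host filesystem
# access and adds read-only xdg-documents, the way `flatpak override` writes it.
SAMPLE_OVERRIDE = """\
[Context]
sockets=!x11;
filesystems=!host;xdg-documents:ro;
"""

LIST_KEYS = ("shared", "sockets", "devices", "features", "filesystems")

# Permissions worth highlighting to an end user (broad or sandbox-weakening).
BROAD = {
    "sockets:x11": "X11 lets the app see and inject input to other windows",
    "filesystems:host": "full access to the host filesystem",
    "filesystems:home": "full access to the home directory",
    "devices:all": "access to all devices",
    "session-bus:org.freedesktop.Flatpak": "can run commands outside the sandbox",
}

def _parse(text):
    cp = configparser.ConfigParser(interpolation=None, delimiters=("=",))
    cp.optionxform = str  # D-Bus names are case-sensitive; keep them as-is
    cp.read_string(text)
    return cp

def _split_list(value):
    # Flatpak lists are ';'-separated with a trailing ';'
    return [v for v in value.split(";") if v]

def _fs_name(entry):
    # strip a :ro / :rw / :create suffix so that '!host' also cancels 'host:rw'
    return entry.split(":", 1)[0]

def effective_permissions(metadata_text, override_text=""):
    """Merge metadata and override: '!x' removes x, any other entry adds it.
    Returns a dict of lists per LIST_KEYS plus a 'session-bus' name->policy map."""
    result = {k: [] for k in LIST_KEYS}
    result["session-bus"] = {}
    for text in (metadata_text, override_text):
        if not text:
            continue
        cp = _parse(text)
        if cp.has_section("Context"):
            for key in LIST_KEYS:
                for item in _split_list(cp["Context"].get(key, "")):
                    if item.startswith("!"):
                        name = item[1:]
                        result[key] = [e for e in result[key]
                                       if (_fs_name(e) if key == "filesystems" else e) != name]
                    elif item not in result[key]:
                        result[key].append(item)
        if cp.has_section("Session Bus Policy"):
            for name, policy in cp["Session Bus Policy"].items():
                result["session-bus"][name] = policy
    return result

def flag_broad(perms):
    """Return human-readable warnings for broad permissions still in effect."""
    warnings = []
    for key in ("sockets", "devices", "filesystems"):
        for item in perms[key]:
            tag = f"{key}:{_fs_name(item) if key == 'filesystems' else item}"
            if tag in BROAD:
                warnings.append(f"{tag}: {BROAD[tag]}")
    for name, policy in perms["session-bus"].items():
        tag = f"session-bus:{name}"
        if policy in ("talk", "own") and tag in BROAD:
            warnings.append(f"{tag}: {BROAD[tag]}")
    return warnings

if __name__ == "__main__":
    before = effective_permissions(SAMPLE_METADATA)
    after = effective_permissions(SAMPLE_METADATA, SAMPLE_OVERRIDE)
    print("without override:", *flag_broad(before), sep="\n  ")
    print("with override:", *flag_broad(after), sep="\n  ")
```

Run as-is it prints three warnings for the bare metadata (X11, host filesystem, and the `org.freedesktop.Flatpak` talk permission) and only the last one once the override is applied, which is the kind of summary the issue asks the website to show. The override parser is also what makes a backup meaningful: restoring the saved override files reproduces the same effective permission set.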