search

zen-browser / desktop

🌀 Experience tranquillity while browsing the web without people tracking you!
https://zen-browser.app
Mozilla Public License 2.0
17.75k stars 425 forks source link

Warn about the Flatpak being insecure, advertise the tar archive instead #1566

Closed boredsquirrel closed 1 week ago

boredsquirrel commented 1 month ago

Captchas

What happened?

The only advertised options on Linux are AppImage and Flatpak.

The also released tar archive is not mentioned.

Flatpak Firefox has a big issue

https://bugzilla.mozilla.org/show_bug.cgi?id=1756236

https://bugzilla.mozilla.org/show_bug.cgi?id=1882881

The Flatpak is isolated using a seccomp filter that blocks the creation of user namespaces.

Firefox relies on that for process filesystem isolation, while it also uses seccom-bpf for isolating processes.

The developers just said "this is fine", which it really isnt.

This is a Flatpak issue that may not ever be solved in the near future. Instead, Firefox will likely get a real fork server for process isolation faster than flatpak implementing a second way to run apps, just for browsers.

Firefoxes current way is not compatible with process isolation using flatpak-spawn due to not using a fork server, so this would make memory usage explode.

Chromium on the other hand has a fork server (zygote) AND just doesnt run if there are neither a setuid nor a usernamespace sandbox available. So packagers created "zypak" wich tricks zygote into using flatpak-spawn, so process isolation works even as a Flatpak.

I can make a PR for the README to mention this and add instructions on how to add the .tar archive.

The question here: does the archive work with the Firefox updater? Is it intact in Zen Browser?

Thanks!

linear[bot] commented 1 month ago

ZEN-1637 Warn about the Flatpak being insecure, advertise the tar archive instead

mauro-balades commented 1 month ago

The three options are equally displayed on the download website. Wdym?

boredsquirrel commented 1 month ago

I was referring to the Readme, here on Github.

Will check the website.

Flatpak is really nice, but a bad option for browsers. I would go so far as removing that option for security purposes.

win98se commented 1 month ago

FYI, the tar file is selected as default on the download site - image

Hence, this should no longer be an issue for you.

Also, users should be able to choose from various options. More options are better. I oppose against removal of Flatpak packages.

RayZ3R0 commented 1 week ago

Flatpak is a valid choice while being not a good one. But flatpak is a common choice among users so it cannot really be removed. Closing this as unplanned.