There have been multiple accounts created with the sole purpose of posting advertisement posts or replies containing unsolicited advertising.

Accounts which solely post advertisements, or persistently post them may be terminated.

Spectacle8011 ,
@Spectacle8011@lemmy.comfysnug.space avatar

The default is completely sandboxed. Developers need to allowlist exactly what they want. So it is transparent.

The default before the developer touches it doesn’t matter; compare this to Android, iOS, or macOS’s permission system. An app needs to ask for permission to use the microphone or access your files. With Flatpak, all a developer needs to do is specify –filesystem=home or –socket=pulseaudio and if the user hasn’t specified global options like –nofilesystem=home, then the developer gets access to it. Having a sandbox that is optional for the developer rather goes against the point of a sandbox, don’t you think?

I’m not unsympathetic to Flatpak developers, though. The status quo on Linux for decades has been, “you get access to everything.” If Flatpak enforced that sandbox, more than half of the apps on Flathub right now just wouldn’t work because they don’t support the filesystem portal.

I think GNOME and KDE need to do the work of manually restricting Flatpak apps’ access to sensitive permissions like home by default, maybe in a few years when the idea of the filesystem portal has had time to gestate among developers. Kind of like how Firefox’s HTTPS-only mode (which I think should be the default) prevents you from accessing the website unless you give permission.

That’s something we can work on, I think. At least we have a way to get there.

KDE Plasma now includes a GUI settings page that allows to change these.

I think GNOME needs to integrate that into their settings, I mean just include damn Flatseal as a settings page…

I recall saying the exact same thing. They have a built-in area for it in the Apps section. They’ll probably get around to it eventually…

There are packagers maintaining a shitload of apps at once.

It’s pretty crazy. I think this is probably the craziest example: old.reddit.com/…/much_love_to_felix_yan_an_arch_m…

Felix Yan is awesome to be maintaining thousands of packages for Arch. But man, that’s a lot of work. If we could reduce the workload of our package maintainers who rarely receive any gratitude (usually only demands) and let them focus on the really important packages, I think that would also be awesome.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • [email protected]
  • random
  • lifeLocal
  • goranko
  • All magazines
    •