• Allero@lemmy.today
    link
    fedilink
    arrow-up
    6
    arrow-down
    1
    ·
    4 months ago

    Fair criticism!

    However, the extent of the damage is limited by flatpak and whatever permissions you have set, and, if I understand it correctly, you cannot attack one flatpak through the other unless they share access to some files.

    Also, I haven’t seen this kind of attack in the wild (maybe I’m not informed enough?) as opposed to rogue maintainers injecting malware into packages.

    On an unrelated note: apparently, there is finally some Russian Lemmy instance? That’s a welcome change.

    • nitrolife@rekabu.ru
      link
      fedilink
      arrow-up
      3
      ·
      4 months ago

      However, the extent of the damage is limited by flatpak and whatever permissions you have set, and, if I understand it correctly, you cannot attack one flatpak through the other unless they share access to some files.

      there is a problem here that permissions are also set by the packages developers. User in most cases click accept all and alll done.

      On an unrelated note: apparently, there is finally some Russian Lemmy instance? That’s a welcome change.

      Well… Appeared 2 years ago. It’s just that practically no one needs it. =)

      • Allero@lemmy.today
        link
        fedilink
        arrow-up
        1
        arrow-down
        1
        ·
        4 months ago

        Permissions are also set by the packages developers

        True, and I don’t think it is healthy not to let them to. But it would be nice to either have some vetting on the matter, or ask user about which permissions they agree for when they install Flatpak.

        Appeared 2 years ago

        Ого, то есть примерно когда я сам здесь очутился. Никогда не слышал о ру инстансах, хоть и искал. Теперь, кажется, нашёл)

        Берёте человечка на борт? Не обещаю сделать Рекабу главным инстансом, но всегда полезно быть по обе стороны Чебурнета, а то последнее время с забугорными беды бывают.