On Tue, Jun 14, 2016 at 7:36 PM, Neal Gompa <ngompa13@xxxxxxxxx> wrote:
> The container/security thing is nothing specific or special to Flatpak
> and others, in fact it's more theater than anything else anyway, as it
> only works when conditions are "just right" (i.e., Wayland,
> supercharged containerization with SELinux, etc.).

If Flatpak applications silently run without sandboxing, I think it's a problem. The user is being asked to trust that these applications offer better security, so they need to do that or they need to be informed in some user friendly manner.

I'd rather be bugged (spammed, whatever) every time I run a Flatpak application that is not being sandboxed, than for this to be silently not using sandboxing. I'd even rather have the application fail to launch by default, if sandboxing won't occur, possibly with a user override, even if that override were tedious, i.e. a flag used to launch the application from command line, although maybe that's creating too easy of an attack vector.

--
Chris Murphy
--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://lists.fedoraproject.org/admin/lists/devel@xxxxxxxxxxxxxxxxxxxxxxx