• thingsiplay@beehaw.org
    link
    fedilink
    arrow-up
    0
    ·
    edit-2
    5 months ago

    Examples of unverified apps:

    … these would be hidden by default. Is any of these applications dangerous or a security risk to the system / user?

    Linux Mint:

    Unverified Flatpaks represent a huge security risk.

    I personally don’t like this. This is not really true and in worse case even misleading and giving a false sense of security. If an app represents a huge security risk, why in the first place is it allowed in the repository? Unverified does not mean its a security risk, this is their interpretation of it. Unverified simply means, it is not verified by the original author.

    Create a fork of an app and verify your website with the fork in Flatpak. The system is already broken. Another point is, that lot of unverified apps are just normal apps, as this is the way applications are handled in Linux. We have the right to create alternative versions of the programs and the verification badge will show that. There is no point in hiding alternatives. By doing so, it undermines a reason why we use GPL and Open Source. And what about apps where the original author does not care, but was brought to Flatpak by a community member?

    Flathub:

    It’s similar failure to what Flathub does on their site too, but for another thing.

    Potentially unsafe: Full file system read/write access; Can access some specific files

    Even though LibreOffice is verified, it is marked as potentially unsafe application on Flathub.