Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Cannot mention sandboxing flatpak without mentioning FlatSeal[0]. Offers a super convenient GUI to set per app configurations.

[0] https://flathub.org/apps/com.github.tchx84.Flatseal



Isn't it just a thin wrapper around `flatpak permissions`?

While obviously a handy GUI, I've never been able to overcome my trust issues with allowing a random package from GitHub to govern permissions for my Flatpaks.

Ironically, I'd probably trust it a lot more if it came as a Debian package. There's a circular issue here where the people who are security conscious enough here to want something like Flatseal might also be too security conscious to install something like Flatseal.


If you're using KDE, they have a native permission manager: https://github.com/KDE/flatpak-kcm

It's under System Settings -> Applications -> Flatpak Permission Settings


Good point, I do indeed use Flatseal. I added it to the blog post.


Flatseal is awesome. Don't know if I would be using Flatpak's sandboxing feature (or even Flatpaks at all!) without it.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: