Why would I even bother using Flatpak or Snap or AppImage when my linux distro already has great package repositories? I left the Windows ecosystem to avoid the bullshit associated with every developer releasing their own programs with different update mechanisms and everything works so much cleaner with linux repos.
Could someone please give me a serious answer about why one should even bother with Flatpak and family? And "sandboxing" isn't a valid answer, considering how many severe security problems have been found in Flatpak lately.
Jesus, just read on their website what benefits it has. Not gonna spoonfeed you.
Justin Parker
>Flatpak or Snap or AppImage Reminder to sage report and shitpost every thread shilling these. Microshit have been pushing these adware/spyware garbage so hard lately.
Jace Jackson
I looked, it's just vague marketing-speak that doesn't really mean anything
I guess that answers my question, thanks
Jack Jenkins
>And "sandboxing" isn't a valid answer, heh, looks like you know the answer deep down.
Ethan Reyes
I like how the icon is an empty box signifying the lack of programs using it.
Luis Young
It's definitely one of their marketing points, but there have been too many practical demonstrations of a program breaking flatpak's "sandboxing" to get root access to the machine, which makes it entirely useless. You're better off running your program in docker and passing your X socket.
Chase Collins
>when my linux distro already has great package repositories? All the software in your distros repositories would be free software or, at minimum, free to distribute software (it includes binary blob firmware and things like that).
How let's say you want to sell some closed source commercial piece of software with spyware and botnet features to anyone using any Linux distribution. How would you go about providing a software package which just works on every Linux system? This is what Flatpak and AppImage is all about, they are ways to try to convince you that DRM-ridden botnet spying software is somehow morally acceptable if it's packages in a nice container. It's not. You absolutely must resist.
Adrian Scott
No dependency hell (which is rare these days anyways) Appimages are basically portable packages like exe files are. So you don't need an internet connection to install them. They solve the issue of aur/deb/rpm/etc. No need to distribute to several different package managers when you can just push either a snap, flatpak or an appimage. Snaps/flatpaks offer more convenient security and permission management. They're a better solution for proprietary software. Appimages and flatpaks don't need superuser privileges to install software.
Caleb Rogers
Basically people are actually realizing that dynamically linking libraries is retarded (see: harmful.cat-v.org/software/dynamic-linking/) But since gcc literally prevents you from static linking (see: stackoverflow.com/questions/3430400/linux-static-linking-is-dead) People have come up with solutions to a problem that shouldn't exist in the first place. Of those solutions, imho nix and docker are the best. Followed by the three you mentioned.
Mason Thompson
Flatpak shits the bed if you use a file picker while using an icon theme with symlinks. I'll wait for them to mature a little.
Gabriel Gonzalez
It sandboxes non-free programs so you can have full open source distro with non-free codecs in sandbox.
I use vlc flatpak so I can play videos and music on my distro.
>no arguments
Cooper Gonzalez
>vlc sasuga flatpak user
Matthew Morales
It's a benefit to the developers and maintainers of the programs. For example Ubuntu will make the updates to all of the programs in their repos to ensure that they work with the libraries. With a containerized system like Flatpak or Snappy the developers include all necessary libraries. So when the developer updates Intellij it gets pushed via snappy automatically and doesn't require distro maintainers to do any extra checking or fixing. However the files are huge compared to traditional packages since they include all the goodies and Snaps keep the previous two versions on hand in case you need to roll back.
Colton Campbell
I've been switching as many of my applications as possible over to Flatpak. It's great, and will be the future of application distribution on Linux. It brings a lot of benefits over legacy package managers, such as making it easy for application developers to target a platform and release their software, making sure software will work properly across distros, installing multiple versions of the same application side-by-side, updating software without requiring a system reboot, and improved security.
The biggest thing for me is the sandboxing. Flatpak applications are sandboxed and isolated, with limited access to the rest of the system. That's a huge win for security. I find it bizarre (pic related) that by default, applications have access to everything that your user account has access to. Any application running on your desktop can monitor and spy on any other application, can spy on your keystrokes, record from your microphone and webcam, read and write all your user files, and so on. Flatpak protects users from this, which I appreciate very much. This isn't only something that matters for proprietary software. Even free, open source software can contain bugs that wipe your data, and sandboxing protects against accidents like this. Take a look at these examples of people fucking up: github.com/ValveSoftware/steam-for-linux/issues/3671 github.com/MrMEEE/bumblebee-Old-and-abbandoned/issues/123
Flatpak is honestly the future of the Linux desktop. Everyone here will be using it sooner or later - it's just a matter of time.
> when my linux distro already has great package repositories
Using Flatpak doesn't mean you don't get software from your distro's repositories. Flatpak is just a newer, better package manager. Repositories are a separate issue. Newer, more modern distros, are using Flatpak as the native package manager with their own repos (e.g. Fedora Silverblue), and this approach will trickle down to other distros eventually.
Parker Martinez
>And "sandboxing" isn't a valid answer, considering how many severe security problems have been found in Flatpak lately. What security problems have been found lately? I'm almost entirely certain you're just talking about that "Flatkill" FUD website, which has already been debunked many times over.
I'm a brainlet, how is asking for application of snap/flatpak shilling? Also I haven't seen a thread talking like this for at least 2 months user
Cooper Torres
Sounds a lot like docker
Adrian Harris
how does the method of installation of your email and "banking software" (lolbrowser?) change anything about the consequence of losing everything if it gets stolen with your account logged in?
Isaac Martin
My point was that without sandboxing, every application you run has access to basically everything else. And God help you if you're still using Xorg. Any program you run can monitor what you're doing in your web browser, your chat programs, and everything else. Sandboxing protects against this.
