The title says it all. I would like to know what software you have in a flatpak. If you want to include your reasoning, go ahead.
What’s the reasoning behind your question?
Every graphical app of course unless there’s an issue with packaging or any other problem.
I just wanted to know. For example: tumbleweed comes with firefox, do people uninstall it and reinstall it in a flatpak? The question comes from curiosity.
Yes. I removed Firefox and installed the flatpak version because it’s a little more secure.
EDIT: it might not actually be more secure, but it doesn’t appear to be less secure based on how I read the information in the replies.
Is that due to flatpak sandboxing?
Edit: it’s interesting, this repo is saying the opposite, https://github.com/trytomakeyouprivate/Recommended-Flatpak-Apps/blob/main/Apps/Browsers.md
The Flatpak Sandbox restricts the Browsers abilities to isolate the processes from another, and also valuable internal data like your history or passwords.
Edit 2: since folks are asking further details are linked in the article. Keep in mind I am not personally making these claims, I am in learn mode just like a lot of other folks.
From https://seirdy.one/notes/2022/06/12/flatpak-and-web-browsers/:
When distributing browsers through Flatpak, things get a bit…weird. Nesting sandboxes in Flatpak doesn’t really work, since Flatpak forbids access to user namespaces
This is not true. Also this is shepherding to a false definition of security.
proprietary software that I don’t trust, or programs that aren’t on zypper
I use flatpak for virtually everything because sandboxing your applications from each other and from your private data is a great idea to improve your system security. This helps prevent one compromised app from taking actions that affect the rest of your system.
For example, I have the VLC flatpak and used flatseal to revoke internet access because I only use it to play files. If a file tries to exploit VLC, it will not be able to upload any data or communicate with the attacker’s servers. I revoke any permissions my apps don’t actually need.
There are a few exceptions though. I run development and administrative tools directly because I do actually want unrestricted access to the system for these apps.
I like Bottles. Makes Wine less of a hassle.
