should i be worried installing these two? what does it mean though?

(these are captured from Pop! OS software manager)

  • Mactan@lemmy.ml
    link
    fedilink
    arrow-up
    11
    ·
    6 months ago

    a curse upon these distros for alarming people with such messages. they are meaningless and technically apply to every flatpak

    • Possibly linux@lemmy.zip
      link
      fedilink
      English
      arrow-up
      12
      ·
      6 months ago

      They mean that the app has that permission. It is good that they let the user know the apps capabilities

      • The_Terrible_Humbaba@slrpnk.net
        link
        fedilink
        arrow-up
        6
        ·
        6 months ago

        Not for the average/casual user, which is why this post exists.

        The average person will look at that and see the ‘!’ in a triangle and became scared of what it can do to their system, even though it has no more permissions than a system package. Alternatively, they will become desensitized and learn to ignore it, resulting in installing flatpacks from untrusted and unverified sources.

        Overall, I just think the idea around having to sandbox all flatpaks is not a good idea. To give a concrete example, Librewolf is marked as “potentially unsafe” because it has access to the download folder, but if I want to use it to open a file that isn’t in “downloads” I have to use flatseal to give it extra permissions - it’s the worst of both worlds! Trying so hard to comply with flatpak guidelines that it gets in the way of doing things, and still not being considered safe enough.

          • The_Terrible_Humbaba@slrpnk.net
            link
            fedilink
            arrow-up
            1
            ·
            edit-2
            6 months ago

            I don’t know about this in depth, but from what another user in this thread said, a flatpak can’t ask a portal to have access to two files at once. If I’m understanding correctly, that would explain why Librewolf needs permission to access ~/Downloads, since it can be downloading more than one file at once, and it needs access to all those files in ~/Downloads at the same time.

            EDIT: I got a bit mixed up with what you were saying, but nevertheless, if this is true, then Librewofl would still need permission to access ~/Downloads and so be marked as “potentially unsafe”.

        • MonkeMischief@lemmy.today
          link
          fedilink
          arrow-up
          2
          ·
          6 months ago

          I get what you mean. When updating Linux mint, the “This needs to get some additional packages too” window, relatively benign, has a big scary ⚠️/ /!\ on it.

          Felt the need to explain to the person I was installing it for. “That’s totally normal, just look it over first and continue.”

          …like, it’s gonna do that almost every time it updates, it doesn’t need to look scary. :|

      • unwarlikeExtortion@lemmy.ml
        link
        fedilink
        arrow-up
        1
        ·
        6 months ago

        I don’t know why a journaling app needs full system access and access to system settings, and the permission Flatseal requests is a dangerous one if you pay attention to these things. Looks like they’re doing their job to me.

        Xournal seems pretty trustworthy to me, so I assume it’s for code simplicity (or age) or not being made with Flatpak in mind - just ‘open any file/full filesystem access’’ (for basic functions like opening files) and ‘change system settings’ for probably only a few features that change system settings.

        I agree the permissions are dangerous and I commend Flatpak for incentivizing developers to use granular permissions.

        As others (and you yourself have said), Flatseal’s entire purpose is to edit Flatpak lermissions, so that one shouldn’t be alarming.