• IverCoder@lemm.eeOP
      ↑ 2 · 8 months ago

      It’s actually Dippi but I don’t want to look like I’m advertising it here

    • IverCoder@lemm.eeOP
      ↑ 1 · 8 months ago

      The app can then declare the network permission and it will still be marked as safe.

    • IverCoder@lemm.eeOP
      ↑ 1 · 8 months ago

      This could well be an advanced video editor or an office suite if they take full advantage of the portals API without losing any functionality. Well, they can have the network permission, it would still be safe anyway.

  • ΛdΛm_𝒷@infosec.pub
    ↑ 1 · 8 months ago

    The verified feature on Flathub is a double-edged sword, it makes me lean towards verified apps, even if the alternative is better and made by the original dev (but they just didn’t verify themselves).

    Next up is user rating and comments…

  • soulfirethewolf@lemdro.id
    ↑ 1 · 8 months ago

    It’s nice to see good app security being praised. Sometimes it feels like some people on Lemmy (and the fediverse) throw security to the wind.

    Like one time I had heard someone over on Mastodon say that they thought that HTTPS was too overused and shouldn’t have been everywhere because it makes older apps unable to access sites and also made adblocking just ever so slightly harder.

    Which yeah, I love adblockers, but I’m definitely not comfortable with all traffic having to go unencrypted just for it.

    • IverCoder@lemm.eeOP
      ↑ 0 · 8 months ago

      An app should not be able to access stuff the user did not consent to letting it access.

        • IverCoder@lemm.eeOP
          ↑ 1 · 8 months ago

          The file picker API is there to allow apps to access and save files with the user’s consent, while not having any filesystem access. So a properly sandboxed app would be able to open, edit, and save files wherever the user wants, while not having access to any other irrelevant files, such as your .bashrc or memes folder.
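
An added example, not part of the thread or of Flatpak/Flathub's own code: a small audit of the `[Context]` section of an app's Flatpak metadata (as printed by `flatpak info --show-metadata <app-id>`), separating static filesystem grants from the network permission discussed above. The two metadata samples and the app names are constructed, and treating "no static filesystem grant" as "portal-only file access" is this example's simplification, not Flathub's actual criteria.

```python
import configparser

# Constructed sample metadata in Flatpak's keyfile format (not from real apps).
PORTAL_ONLY = """\
[Application]
name=org.example.Editor

[Context]
shared=network;ipc;
sockets=wayland;fallback-x11;
devices=dri;
"""

BROAD_ACCESS = """\
[Application]
name=org.example.Legacy

[Context]
shared=network;ipc;
sockets=x11;
filesystems=home;xdg-download:ro;!xdg-documents;
"""


def _list(parser, key):
    """Split a ';'-separated keyfile list from [Context] into its entries."""
    raw = parser.get("Context", key, fallback="")
    return [item.strip() for item in raw.split(";") if item.strip()]


def audit(metadata_text):
    """Report which host paths the app can reach without a portal prompt."""
    parser = configparser.ConfigParser(interpolation=None, delimiters=("=",))
    parser.optionxform = str  # keyfile keys are case-sensitive
    parser.read_string(metadata_text)
    # Entries prefixed with "!" revoke access, so they are not grants.
    grants = [fs for fs in _list(parser, "filesystems") if not fs.startswith("!")]
    return {
        "app": parser.get("Application", "name", fallback="unknown"),
        "network": "network" in _list(parser, "shared"),
        "filesystem_grants": grants,
        # Assumption of this example: no static grant means files are only
        # reachable through the file chooser portal, i.e. with user consent.
        "portal_only_files": not grants,
    }


if __name__ == "__main__":
    for sample in (PORTAL_ONLY, BROAD_ACCESS):
        print(audit(sample))
```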