• Pennomi@lemmy.world
    link
    fedilink
    English
    arrow-up
    25
    ·
    5 months ago

    I think containerization for security is a damn good reason for virtually all software.

    • gaylord_fartmaster@lemmy.world
      link
      fedilink
      arrow-up
      21
      ·
      5 months ago

      Definitely. I’d rather have a “good and specific reason” why your application needs to use my shared libraries or have acess to my entire filesystem by default.

      • cadekat
        link
        fedilink
        arrow-up
        4
        ·
        5 months ago

        Using your shared libraries is always a good thing, no? Like your distro’s packages should always have the latest security fixes and such, while flatpaks require a separate upgrade path.

        Access to your entire filesystem, however, I agree with you on.

        • gaylord_fartmaster@lemmy.world
          link
          fedilink
          arrow-up
          4
          ·
          5 months ago

          I only use rolling releases on my desktop and have ran into enough issues with apps not working because of changes made in library updates that I’d rather they just include whatever version they’re targeting at this point. Sure, that might mean they’re using a less secure version, and they’re less incentivized to stay on the latest version and fix those issues as they arise, but I’m also not as concerned about the security implications of that because everything is running as my unprivileged user and confined to the flatpak.

          I’d rather have a less secure flatpak then need to downgrade a library to make one app I need work and then have a less secure system overall.