Announcement

Collapse
No announcement yet.

Flatpak Support Is Now "Production Ready" In KDE Discover

Collapse
X
Collapse
 
  • Page of 3
  • Filter
  • Time
  • Show
Clear All
new posts
Previous 1 2 3 template Next
  • #21
    Originally posted by starshipeleven View Post
    This is opensource, you can easily clone the upstream configuration files used to make the package, edit them yourself and make your own package to full control. This is the source used to generate Steam package https://github.com/flathub/com.valvesoftware.Steam

    Making a basic permission system like Android (so the user can control basic access to his PC's features from that application, like say camera/mic and similar) won't hurt, but I don't know how feasible it can be to give full control to the user, an application here needs to be able to read stuff from the system and only a maintainer knows enough about what has to be allowed and what can be safely blocked.
    Learning how to use the configuration files to make your own packages is the easier part, if compared to that.
    But almost every other OS has support for permission control. It first appeared on webOS, then on BlackBerry 10, then on Android and then others like Ubuntu Touch and Windows followed suit. We Linux'ers don't have to be a sheep, but you can see that it's an increasing trend so I don't see why we shouldn't implement it. If you want to do it true Linux style but not through a GUI, then why not at least add flags support? Like --readonly will give the app readonly access.

    Comment

    • #22
      Originally posted by ssokolow View Post

      Flatpak is being developed in a "make it stable, then make it useful, then make it perfect" pattern as a superior alternative to DEB, RPM, and various other existing mainstream packaging systems for desktop Linux.
      1. Make it stable: Stabilize the APIs so Flatpack packages will be forward compatible
      2. Make it useful: Implement the APIs so that sandboxed applications can actually function. (We are here)
      3. Make it perfect: Add stuff that's easy to retrofit, like permissions control.
      Being a more secure alternative to DEB/RPM/etc. for desktop apps is a perfectly good step on the road to being a more user-empowering alternative to APK. Having permissions control at a stage where the permissions being controlled aren't yet implemented just puts you behind schedule for building an ecosystem.

      EDIT: Note that I said "more secure" rather than "secure". You can always limit yourself to open-source Flatpaks, and I'd much rather have my Humble Bundle and GOG.com games in Flatpaks than MojoSetup installers. Enforcing that the code obeys the publisher's intentions may be inferior to enforcing the user's preferences, but it's better than no enforcement at all.
      First thing is possible too with pacman, apt and co.
      It's just not used widely except for Qt where you can install usually the last version too.

      I would like to see the sandbox/portal used by the programs too without flatpak used.

      File dialogs and co are a mess with gnome or Gtk applications.

      Comment

      • #23
        Originally posted by Vistaus View Post

        So you're saying your "idiot friend" actually knows how permissions work and how to control them? That's a contradiction.
        My hypothetical idiot friend understands how to answer these questions:
        "Do you want POKEMON GAME to access your webcam and see your drooling face?"
        "Do you want PAINT APP to be able to freely upload and download things from the internet?"
        "Do you want VOUCHER MONEY OFF APP to access your photos, chat history and other private data?"

        My hypothetical idiot friend doesn't understand octal permissions, how to tweak apparmor profiles, which dbus calls/subscriptions should be allowed, which device nodes to permit access to or what UDP/TCP is.

        My hypothetical idiot friend can drive a car to a fast food restaurant and order some food, but he doesn't know how to repair his car engine or write code to run on the chip which operates the traction control system. He -- at best -- may be able to fulfill one limited role within the fast food company if he worked there, but wouldn't have a full picture in his mind of how the entire fast food restaurant operated.

        Judging from your question, I'm guessing you completely missed the point of my post and in doing so your presented yourself as an archetypical example of someone who doesn't get ergonomics and wouldn't be any good at designing software suitable for use by the average person who knows nothing about how computers work. There's no need to feel bad about this; people who understand both tech and people to a high degree appear to be rare.

        I stand by my claim: for Flatpak to be successful as a "secure" packaging and app-sandboxing system, it needs to be designed and led by someone (or a group of people) who really understand human ergonomics and what the typical non-technical person is capable of understanding.
        • Likes 1

        Comment

        • #24
          Originally posted by cybertraveler View Post

          My hypothetical idiot friend understands how to answer these questions:
          "Do you want POKEMON GAME to access your webcam and see your drooling face?"
          "Do you want PAINT APP to be able to freely upload and download things from the internet?"
          "Do you want VOUCHER MONEY OFF APP to access your photos, chat history and other private data?"

          My hypothetical idiot friend doesn't understand octal permissions, how to tweak apparmor profiles, which dbus calls/subscriptions should be allowed, which device nodes to permit access to or what UDP/TCP is.

          My hypothetical idiot friend can drive a car to a fast food restaurant and order some food, but he doesn't know how to repair his car engine or write code to run on the chip which operates the traction control system. He -- at best -- may be able to fulfill one limited role within the fast food company if he worked there, but wouldn't have a full picture in his mind of how the entire fast food restaurant operated.

          Judging from your question, I'm guessing you completely missed the point of my post and in doing so your presented yourself as an archetypical example of someone who doesn't get ergonomics and wouldn't be any good at designing software suitable for use by the average person who knows nothing about how computers work. There's no need to feel bad about this; people who understand both tech and people to a high degree appear to be rare.

          I stand by my claim: for Flatpak to be successful as a "secure" packaging and app-sandboxing system, it needs to be designed and led by someone (or a group of people) who really understand human ergonomics and what the typical non-technical person is capable of understanding.
          I'm not all that familiar with most tech. I'm not a software designer or programmer or IT'er or anything and I don't even use Facebook or Snapchat or that kind of stuff (only Twitter and Instagram). I do understand people as I am an empath. I just misunderstood your post, that's all. I'm sorry about that.

          Comment

          • #25
            Originally posted by Vistaus View Post

            I'm not all that familiar with most tech. I'm not a software designer or programmer or IT'er or anything and I don't even use Facebook or Snapchat or that kind of stuff (only Twitter and Instagram). I do understand people as I am an empath. I just misunderstood your post, that's all. I'm sorry about that.
            Now I feel like a dick. Sorry buddy! I called it wrong.

            As an aside, I think you probably underestimate your tech ability. If you read Phoronix you're probably -- conservatively speaking -- among the top 5% most tech literate people on the planet.
            • Likes 1

            Comment

            Previous 1 2 3 template Next
            Working...
            X