Flatpak Support Is Now "Production Ready" In KDE Discover

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #11
    Originally posted by kravemir View Post
    Flatpak isn't secure at all. For now it's a packaging system, which allows package creators to limit privileges of their packages.

    If it was to be secure, then the user would be the one, who controls access privileges, not the package maintainer...

    All that secure thing about Flatpak is very misleading.

    You can override default permissions



    • #12
      Originally posted by kravemir View Post
      Flatpak isn't secure at all. For now it's a packaging system, which allows package creators to limit privileges of their packages.

      If it was to be secure, then the user would be the one, who controls access privileges, not the package maintainer...

      All that secure thing about Flatpak is very misleading.


      I was wondering about this myself. I agree that it's highly misleading if they are advertising it as secure now, if apps can currently choose their privilege levels.

      I would consider it "secure" if I could install any flatpak app and it:
      • Could only do networking if I said so.
      • Could only access files outside of its own writeable area if I said so.
      • Could only access hardware devices (eg printers, fan control etc) if I explicitly said so.
      • Could only allocate a fixed, small amount of memory unless I explicitly granted it a higher allowance.
      • Could only use a fixed, small amount of disk space unless I explicitly granted it a higher allowance.
      • Could only do extremely limited IPC unless granted extra permissions.
      • Could only take screenshots if I said so.
      • Could only access the mic and webcam if I said so.
      A project like Flatpak really needs a highly pragmatic person running it who is both technically proficient and good with ergonomics. I haven't got my hopes up about Flatpak yet, because these kinds of people are rare in the Open Source world. There are lots of people who are great with technology and coding, but far fewer people who really understand what it takes to make a fantastic user experience. I think both Gnome and Mozilla are trying to focus more on the human experience, but how well they are doing is debatable.

      I don't know why these people are rare. It's often just a matter of having a bit of empathy and asking yourself the question "how would my idiot friend behave and get along with my software if he used it?" In the case of flatpak it's abundantly obvious to me that if you tell users "it's secure", then they will happily and freely download and install flatpak'd apps on their machine from wherever they like on the net because "it's secure... it can't hurt my computer".

      Until flatpak gets to the stage where all of my bullet point items are implemented, I will use virtual machines for non-trustworthy software and I'll stick with my distro's packaging system for things I trust.



      • #13
        Originally posted by cybertraveler View Post
        • Could only do networking if I said so.
        • Could only access files outside of its own writeable area if I said so.
        • Could only access hardware devices (eg printers, fan control etc) if I explicitly said so.
        • Could only allocate a fixed, small amount of memory unless I explicitly granted it a higher allowance.
        • Could only use a fixed, small amount of disk space unless I explicitly granted it a higher allowance.
        • Could only do extremely limited IPC unless granted extra permissions.
        • Could only take screenshots if I said so.
        • Could only access the mic and webcam if I said so.
        AFAIK some of those are planned through use of portals. Others would be more difficult to do well for user-friendly software. For them you can set up your own containers (via systemd if you wanted).



        • #14
          Originally posted by woprandi View Post


          You can override default permissions
          Then, it should be advertised as: secure, if you will play a bit (lot) with it. But to do so, you must know a bit how computers work, and you must learn how sandboxing works, then you must learn how to properly configure applications. And, then you must spend some time to actually make proper security configuration.

          That will never happen for bloody non-technical end-users.

          Comment
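The override mentioned in #11 and the manual configuration work described in #14 can be made concrete. The following is an added example, not code from the thread or from the Flatpak project: it reads the `[Context]` section of an application's metadata (the keyfile printed by `flatpak info --show-metadata APP`) and builds the `flatpak override --user` command that revokes the broad grants. The `BROAD` policy table and the sample app `org.example.Editor` are assumptions constructed for illustration.

```python
import configparser
import shlex

# Grants treated as "broad" in this example (an assumed policy, adjust to taste).
BROAD = {
    "shared": {"network"},
    "sockets": {"x11", "session-bus", "system-bus"},
    "devices": {"all"},
    "filesystems": {"host", "home"},
}
# Metadata key -> flatpak-override(1) option that revokes one value of that key.
REVOKE = {
    "shared": "--unshare",
    "sockets": "--nosocket",
    "devices": "--nodevice",
    "filesystems": "--nofilesystem",
}

# Constructed sample of what the packager shipped for a hypothetical app.
SAMPLE = """\
[Application]
name=org.example.Editor

[Context]
shared=network;ipc;
sockets=x11;pulseaudio;
devices=all;
filesystems=home:ro;xdg-download;
"""

def parse_context(metadata_text):
    """Return (app_id, {key: [values]}) from Flatpak metadata keyfile text."""
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.read_string(metadata_text)
    app_id = cp.get("Application", "name", fallback=None)
    grants = {}
    if cp.has_section("Context"):
        for key, raw in cp.items("Context"):
            grants[key] = [v for v in raw.split(";") if v]
    return app_id, grants

def tighten(metadata_text):
    """Build the user-level override command revoking broad grants, or None."""
    app_id, grants = parse_context(metadata_text)
    if not app_id:
        raise ValueError("metadata has no [Application] name")
    opts = []
    for key, option in REVOKE.items():
        for value in grants.get(key, []):
            name = value.split(":", 1)[0]  # drop suffixes such as ":ro"
            if name in BROAD[key]:
                opts.append(f"{option}={name}")
    if not opts:
        return None
    return "flatpak override --user " + " ".join(opts) + " " + shlex.quote(app_id)

if __name__ == "__main__":
    print(tighten(SAMPLE))
```

Grants outside the assumed policy table (here `ipc`, `pulseaudio` and `xdg-download`) are left as the packager set them.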


          • #15
            I'm going to love when they finish up the portals to the point of supporting android-style "Do you want to allow this application <permission>?" question boxes.
            Of course, just having the packaging and package-controlled sandboxing in place is quite nice as a start.



            • #16
              Originally posted by kravemir View Post
              Flatpak isn't secure at all. For now it's a packaging system, which allows package creators to limit privileges of their packages.

              If it was to be secure, then the user would be the one, who controls access privileges, not the package maintainer...
              This is opensource, you can easily clone the upstream configuration files used to make the package, edit them yourself and make your own package to full control. This is the source used to generate Steam package https://github.com/flathub/com.valvesoftware.Steam

              Making a basic permission system like Android (so the user can control basic access to his PC's features from that application, like say camera/mic and similar) won't hurt, but I don't know how feasible it can be to give full control to the user, an application here needs to be able to read stuff from the system and only a maintainer knows enough about what has to be allowed and what can be safely blocked.
              Learning how to use the configuration files to make your own packages is the easier part, if compared to that.
              Last edited by starshipeleven; 14 January 2018, 04:39 PM.



              • #17
                Originally posted by KRiloshart View Post
                Snap is secured, because once it's installed in confinement it can't escape out of it no matter how hard publisher tries and also it's backed by powerful tech (I think) like apparmor.
                Snap only works with AppArmor and is therefore not confined on most distributions.



                • #18
                  Originally posted by kravemir View Post
                  From apt, I'm installing opensource software, therefore I can be almost sure, that there's no hidden malware in them (though, they might have bugs, but they won't compromise your system on their own).

                  Unless the upstream source is compromised and ends up getting packaged, like what happened to that open source IRC server software a couple of years ago.



                  • #19
                    Originally posted by cybertraveler View Post



                    I was wondering about this myself. I agree that it's highly misleading if they are advertising it as secure now, if apps can currently choose their privilege levels.

                    I would consider it "secure" if I could install any flatpak app and it:
                    • Could only do networking if I said so.
                    • Could only access files outside of its own writeable area if I said so.
                    • Could only access hardware devices (eg printers, fan control etc) if I explicitly said so.
                    • Could only allocate a fixed, small amount of memory unless I explicitly granted it a higher allowance.
                    • Could only use a fixed, small amount of disk space unless I explicitly granted it a higher allowance.
                    • Could only do extremely limited IPC unless granted extra permissions.
                    • Could only take screenshots if I said so.
                    • Could only access the mic and webcam if I said so.
                    A project like Flatpak really needs a highly pragmatic person running it who is both technically proficient and good with ergonomics. I haven't got my hopes up about Flatpak yet, because these kinds of people are rare in the Open Source world. There are lots of people who are great with technology and coding, but far fewer people who really understand what it takes to make a fantastic user experience. I think both Gnome and Mozilla are trying to focus more on the human experience, but how well they are doing is debatable.

                    I don't know why these people are rare. It's often just a matter of having a bit of empathy and asking yourself the question "how would my idiot friend behave and get along with my software if he used it?" In the case of flatpak it's abundantly obvious to me that if you tell users "it's secure", then they will happily and freely download and install flatpak'd apps on their machine from wherever they like on the net because "it's secure... it can't hurt my computer".
                    So you're saying your "idiot friend" actually knows how permissions work and how to control them? That's a contradiction.



                    • #20
                      Originally posted by kravemir View Post

                      Then, it should be advertised as: secure, if you will play a bit (lot) with it. But to do so, you must know a bit how computers work, and you must learn how sandboxing works, then you must learn how to properly configure applications. And, then you must spend some time to actually make proper security configuration.

                      That will never happen for bloody non-technical end-users.
                      In that case: aren't you mad at your favorite Linux distro as well? 'Cause almost every Linux distro calls itself secure, yet it's not secure right now because of Spectre and Meltdown.
