Are there any plans on adding support for Android-style app permissions? This could solve the 'privileged' Wayland apps problem - for example allowing any third party app to do screen recording.

Android keeps changing their permission model so I am not sure which one you want me to compare to here, but the old 'here is a list of permissions to approve' we want to avoid as they tend to be counterproductive (people just click through them like a EULA). Instead the model is to either do implicit permission giving, like the file portal assumes that if you pick a file with the file picker you want the application to get access to it. For other things like screen recording there will be a dialog asking if it is ok for the application to share your screen or window, so that is not to unlike what I believe is the current Android model.

snap has them, it calls them "interfaces". I don't know about flatpak though.

It would be nice if permissions were requested as needed and could be revoked individually

This is the thing flatpak design is that app permissions/interfaces are done by portals.


So allowing a app to-do screen recording/use camera is:

Yes to create a portal.

So any portal access permissions end users get to choose if this is an application one off or if application should have this feature all the time.

Portal from flatpak being supported by snap means in time we should be able to make a application for flatpak and ship it both on flatpak and snap with limited rebuilding due to both have the same permission system.

Because cheaper and faster hardware available today, allows for more bloatware... same already happened many times during computing history

It's not bloatware, it allows to run safely programs that cannot be trusted. Sandboxing happens and happened on devices with crappy hardware too.

It's just the need for security is a relatively new thing, in the old days (and on Windows) applications just drop all their shit in their folder and run without sandboxing.

OK might not be direct bloatware, just indirect bloatware as any layer - but these two have same effect to the end-user, so similar meaning.

If something require more memory and more disk space that is by definition bloatwared effect. Beside that if app behave, slower, laggy and buggy, like RealNC mentioned then what is that? Security by breaking app usefulness or something

Problem is some of the bloat is not avoidable. Be you using snap, flatpak, appimage.... You end up having ship libraries your program uses that are unique. Result is this will consume more ram.

Basically distribution dependency hell this keeps you memory and disc foot print small but may make it hard to run the latest version of a program. Or ship programs with runtime parts this will consume more harddrive space and ram. The sandbox around flatpak has less over all effect than the shipping applications with runtime issues resulting in worst cache and memory performance.

Some of the reason to place applications in containers is to prevent stupid things. Like there are versions of glibc that use system wide shared memory segments to cache result of syscalls of course this is a security nightmare it caused stupid things with early cgroups without proper isolation where you were getting PID information about applications outside container.. Please note glibc is not the only library found doing global shared memory segments to accelerate things and of course these go badly wrong when you have version miss match between the libraries if you are not using a sandbox to split them.

Remember not all open source software is the best coded some really hates having multi versions of library or application running so sandboxing helps.

Bloatware is by definition useless software that just occupies space and wastes resources. For example the software bundled with most laptops.

Flatpack/Snap library bundling and sandboxing aren't bloatware as they do bundle stuff for security and "it works everywhere" reasons.

As already said, it's just bugs because it's immature, it's not a "feature" nor a WONTFIX.

Flatpack isn't supposed to break themes or have significant performance impact.