314

I was looking at the firefox flatpak on flathub. Won't this warning make a non tech-savy user anxious? This might make them think they'll get a virus or something like that.(programming.dev)

posted
*
by
Avatar
federino@programming.dev
in
Avatar
linux@lemmy.ml
88 comments
hidereport

Imagine your friend that does not know anything about linux, don’t you think this would make them not install the firefox flatpak and potentially think that linux is unsafe?

I ask this because I believe we must be careful and make small changes to welcome new users in the future, we have to make them as much comfortable as possible when experimenting with a new O.S

I believe this warning could have a less alarming design, saying something like “This app can use elevated permissions. What does this mean?” with the “What does this mean?” text as a clickable URL that shows the user that this may cause security risks. I mean, is kind of a contradiction to have “verified” on the app and a red warning saying “Potentially unsafe”, the user will think “well, should I trust this or not??”

Sort:
HotTopControversialNewOld
You are viewing a single thread.
View all comments
Avatar
brochard@lemmy.world
40 points
*

In my opinion, those warnings are not used to help users but to shame developpers for not trully sandboxing and verifying their apps. Developpers know that having this warning will decrease the number of users downloading it. The goal in the long run is to improve app sandboxing and security.

permalink
report
reply
Avatar
MonkderDritte@feddit.de
15 points
*

By not letting the user import/export addon settings, bookmarks?

Btw, i hate the opinion that the dev must babysit his users. It makes software worse, not better, look at Firefox’s profille folder for an example. If you have to, make an intro to train them.

permalink
report
parent
reply
Avatar
Sethayy@sh.itjust.works
12 points

I’m not 100% confident but I thought you could use portals to access individual files outside of the sandbox

permalink
report
parent
reply
Avatar
UserMeNever@feddit.nl
8 points

You could but where is fails is when you open one html file that then needs to loads the other files that are needed by the first.

You can not allow chain loading like this, it would bypass the sandbox.

One way of working around this would to allow the option of passing a whole folder and sub folders to the program.

The other and much harder option would be a per program portal filter that can read the html file. then workout what files that html file needs and offer that list of files to the user.

The lazy work around is allow read access to $HOME and deny access to some files and folders like .ssh

permalink
report
parent
reply
Show more comments
Avatar
MonkderDritte@feddit.de
1 point

My bad, i thought that was included in file system access.

permalink
report
parent
reply

Linux

!linux@lemmy.ml

Create post

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

  • Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
  • No misinformation
  • No NSFW content
  • No hate speech, bigotry, etc

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

Community stats

  • 9.5K

    Monthly active users

  • 3.2K

    Posts

  • 37K

    Comments

Community moderators