What is a Flatpak on Linux?
A flatpak is a way to package and install applications on Linux that is (somewhat) sandboxed.
Due to the sandboxing, flatpaks often don't work properly, specially if you need to open and edit files with it. One reason for this is that in order for some applications to work well as a flatpak you need to give the flatpak permission to access certain files, and to do that you need to install FlatSeal, which is an application to manage flatpak permissions. You're often able to install a flatpak without installing FlatSeal that is in practice required for the flatpak to work. Linux-based operating systems like Linux Mint will just let you do this and won't tell you about it, creating a lot of confusion that could be prevented with a simple dialog box. See [Bottles doesn't Work on Linux Mint because It's a Flatpak] for an example.
Are Flatpaks Safe?
Flatpaks are NOT perfectly safe or sandboxed. If you run a malicious program as a flatpak, it's possible for it to escape the sandbox somehow. In particular, X11, which is necessary to display a window on the screen and therefore used by any application with windows, is unsafe compared to its successor, Wayland, such that a malicious flatpak with X11 access would be able to exploit its vulnerabilities.
That said, flatpaks are safer than not using flatpaks. In many cases, the real threat isn't that a program is malicious, but that it's buggy. Any program that you run has the power to delete all your files. Any program that deletes files is one mistake away from deleting the wrong files. With flatpaks, you don't have to worry about buggy applications accidentally deleting your entire home directory because they won't have access to your files in first place.
Leave a Reply