Flatpak's Sandboxing Works


Flatpak is an alternate distribution method for Linux. By default, programs are sandboxed from the rest of the system.


A statement often made by critics of Flatpak is that this isn't real security, because a package maintainer can change an application's security settings to poke holes in the sandbox. (This is allowed because some software relies on it for functionality.)


Recently, malware was distributed through Minecraft mods on CurseForge, and possibly other modding platforms. It was a wide-reaching attack that affected several mods and modpacks. Installing and running any of the affected mods infects the system.


[MALWARE WARNING] "fractureiser" malware in many popular Minecraft mods and modpacks


Prism Launcher, a Minecraft launcher, is distributed through Flatpak. Prism Launcher takes advantage of Flatpak's sandboxing and does not allow access to the directories that the malware uses. If the malware were running in the sandbox, it would fail, and the system would not be compromised.


Thus, the Flatpak sandboxing works.


If the user had been in the same situation using a locally installed, unsandboxed version of Prism Launcher, the malware would have had access to the directories it needs and would have infected the system.


This is a clear and recent example showing how those who complain about Flatpak's security are wrong. Just because one application has looser security settings does not mean that every application will be set up that way. Just because it *can* be configured in such a way does not mean the majority of the ecosystem is that way. One bad actor does not take away the good of developers who use the tools correctly.


Security is not an all-or-nothing affair, as the critics imply. Having even a little more security is better than having none. There's a balance to be struck between security and convenience. Flatpak enables developers to choose which balance they want. Users can use Flatseal to further tweak the balance for themselves.
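The filesystem side of that balance can be checked before trusting an app with anything. The helper below is an added example, not Flatpak's own code or Prism Launcher's manifest: it takes the "filesystems=" value that `flatpak info --show-permissions <app-id>` prints in its [Context] section and decides whether a given path under the home directory would be reachable from inside the sandbox. It is a simplified model of Flatpak's rules (host, home and xdg-* aliases, explicit paths, the :ro/:rw/:create suffix, a leading "!" meaning not exposed, most specific entry wins), and the two permission sets at the bottom are constructed for illustration.

```shell
# Hypothetical helper, simplified model of Flatpak's filesystem permissions.
# Input is the "filesystems=" value from `flatpak info --show-permissions`.
# Rules modelled: host, home, xdg-data/xdg-config aliases, ~/... and /... paths,
# optional :ro/:rw/:create suffix, "!" prefix = not exposed, most specific wins.
HOME="${HOME:-/home/user}"

# Expand one filesystem token to the directory it exposes ("" if not modelled).
fs_token_to_path() {
  t="${1#!}"; t="${t%%:*}"           # strip negation marker and mode suffix
  case "$t" in
    host)        echo "/" ;;
    home)        echo "$HOME" ;;
    xdg-data*)   echo "$HOME/.local/share${t#xdg-data}" ;;
    xdg-config*) echo "$HOME/.config${t#xdg-config}" ;;
    "~"*)        echo "$HOME${t#\~}" ;;
    /*)          echo "$t" ;;
    *)           echo "" ;;            # xdg-run, xdg-documents etc. not modelled
  esac
}

# True if $2 is $1 itself or lies below it.
path_under() {
  [ "$1" = "/" ] && return 0
  [ "$2" = "$1" ] && return 0
  case "$2" in "$1"/*) return 0 ;; esac
  return 1
}

# $1 = filesystems value (semicolon separated), $2 = absolute path to test.
# Exit status 0 = reachable from inside the sandbox, 1 = blocked.
fs_reachable() {
  list="$1"; target="$2"; verdict=1; best=-1
  old_ifs="$IFS"; IFS=';'
  for tok in $list; do
    dir=$(fs_token_to_path "$tok")
    { [ -n "$dir" ] && path_under "$dir" "$target"; } || continue
    if [ "${#dir}" -gt "$best" ]; then    # longer prefix = more specific entry
      best=${#dir}
      case "$tok" in "!"*) verdict=1 ;; *) verdict=0 ;; esac
    fi
  done
  IFS="$old_ifs"; return "$verdict"
}

# Constructed permission sets: a launcher that only gets its own data directory
# (and is explicitly denied the rest of home), versus one granted all of home.
TIGHT='xdg-data/ExampleLauncher:create;!home'
LOOSE='home'
```

With TIGHT, only the launcher's own data directory is reachable, so a payload writing elsewhere in the home directory fails; with LOOSE, or after a `flatpak override --filesystem=home`, the whole home directory is exposed.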


It's like saying "Passwords are bad because people can create weak passwords, so we should never use passwords."


There's no such thing as perfect security. Refusing to accept any degree of improvement until it is perfect is silly.


There are complaints to be made about Flatpak, but the sandbox is not one of them. If you discover an *actual* CVE, report it so it can be fixed.


https://www.cvedetails.com/vulnerability-list/vendor_id-16613/Flatpak.html


