Yeah, I agree, I don't like that aspect of flatpak development either. The idea that the containerization is supposed to provide some kind of resistant form of a sandbox that prevents malicious programs from breaking into your system; I don't buy it.
Look, you need to trust your application sources, there is no way around that. The idea that this is supposed to be a "safer" way to install software than any other package manager is silly.
I still like that flatpak apps are separated from your system and locked to their own dependencies because it makes these apps more portable to different distros. But not for security reasons.
Yeah, I agree, I don't like that aspect of flatpak development either. The idea that the containerization is supposed to provide some kind of resistant form of a sandbox that prevents malicious programs from breaking into your system; I don't buy it.
Look, you need to trust your application sources, there is no way around that. The idea that this is supposed to be a "safer" way to install software than any other package manager is silly.
I still like that flatpak apps are separated from your system and locked to their own dependencies because it makes these apps more portable to different distros. But not for security reasons.