Telorand ,

No, you don't need to be worried. For example, Flatseal is a program to manage other flatpaks. This means that, by design, it needs to be able to grant flatpaks certain permissions that may expose them to system services they need to operate correctly.

One user mentioned that these new warnings aren't particularly helpful, because they don't give a good explanation of what or why, and they just foster anxiety in users who just want to install an otherwise reputable flatpak.

I don't know anything about xournal++, but I would imagine it's also reputably safe, and somebody else can verify for sure.

Max_P ,
@Max_P@lemmy.max-p.me avatar

Flatseal: well that's normal, it can't control Flatpak's access controls if it is itself sandboxed. Even if it was sandboxes, it could just grant itself everything.

For Xournal: it's probably because it doesn't support portals or whatever, so it can't use the open file dialog to get permissions. So it needs to be able to get to your files somehow to open them.

In both cases, it just means its permissions model is more like regular applications you'd get from your package manager. If you install Xournal with apt/dnf/pacman it also won't be sandboxed.

The point of sandboxing is you can run applications you don't trust too much, or significantly reduce the blast radius if say, your browser gets breached: then it has another barrier to overcome to reach anything other than the browser's own data. The lack of sandboxing doesn't inherently imply the app is evil or will hack you. It just means it doesn't have the extra protection around it. So like, probably don't open sketchy PDFs in it, but I wouldn't stop using the app solely because it lacks sandboxing.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • random
  • linux@lemmy.ml
  • test
  • worldmews
  • mews
  • All magazines
    •