-
According to this issue, apparently, many other people don't know what the XDG standard says either. And the solution is to update the XDG desktop specification. And also close the issue, and silence any comments from the outside. Judging by the terse, rude and "I know better" attitude of the response, I would assume that you may be involved with the development. Why else would you be trying to defend the security holes and pretend they don't exist (rather than rightfully saying that their fixes are a work in progress).
-
fs-verity for file based verity. Think like verified boot.
-
The non-services arguments/non cli arguments are mostly through my initial statement (flathub as reference): https://github.com/flathub/flathub/wiki/App-Requirements#desktop-integration
-
(Personally, I find that to be very vague.) So not all batteries are supposed to be included. And according to this list of libraries that are assumed to be present everywhere, one needs a lot more than bash and a posix compliant system.
-
I have no idea if that is true or not, I haven't used Skype for more than a decade. But, an app running as a Flatpak can't directly create files in /etc/ even if that directory was exposed in the sandbox (which it isn't in the Skype flatpak, as you can see here), just like any other process running as a non-root user can't create files in /etc/ (unless your permissions on /etc/ are severely messed up). So if what you claim is true, it has nothing to do with Flatpak's sandbox or with portals. And since in the default configuration the pulseaudio daemon (which is running outside the sandbox) does not run as root either, I severely doubt that what you claim here is true at all.
-
Edit: it was fixed https://github.com/containers/bubblewrap/security/advisories/GHSA-j2qp-rvxj-43vj. Two years after and only considered a high severity threat for the past couple of months, but I guess...