Not OP, but what annoys me are permission issues. I installed a program that couldn’t access a specific folder and it took me quite a while to find out that this is not an issue of the app, but the flatpak didn’t have this directory in its whitelist.
Also, when one flatpak should interact with another flatpak, it gets messy (e.g. steam/mangohud).
That’s fair but it’s also one of the biggest selling points for me. The isolation it provides is one of the reasons I’d rather ran applications in Flatpak (if possible).
I love the security aspects and it’s about time that desktop apps cannot access all your files & apps.
But the implementation is IMO improveable. Maybe by the makers of flatpak, maybe by the app developers. A simple Error message like this one would have helped:
Error: Cannot access directory /data, please grant the permission by following these steps (…)
Maybe by the makers of flatpak, maybe by the app developers
This falls on the app developers. They’re supposed to be using something called XDG desktop portals. It opens a filepicker window on the host, the user selects which file they want, and that specific file gets passed through into the sandbox automatically, no permissions needed. Though it’s not perfect either – AFAIK there’s no way to pass though a directory using XDG portal, and drag-and-drop is broken (at least on X11). For command-line apps (tho it’s not really what flatpak was designed for), the equivalent is the --file-forwarding option.
That’s why i use flatpak Firefox for browsing and non flatpak librewolf for running html games, as Firefox wouldn’t load images into the html due to permissions
Not OP, but what annoys me are permission issues. I installed a program that couldn’t access a specific folder and it took me quite a while to find out that this is not an issue of the app, but the flatpak didn’t have this directory in its whitelist.
Also, when one flatpak should interact with another flatpak, it gets messy (e.g. steam/mangohud).
That’s fair but it’s also one of the biggest selling points for me. The isolation it provides is one of the reasons I’d rather ran applications in Flatpak (if possible).
I love the security aspects and it’s about time that desktop apps cannot access all your files & apps.
But the implementation is IMO improveable. Maybe by the makers of flatpak, maybe by the app developers. A simple Error message like this one would have helped:
Error: Cannot access directory /data, please grant the permission by following these steps (…)
This falls on the app developers. They’re supposed to be using something called XDG desktop portals. It opens a filepicker window on the host, the user selects which file they want, and that specific file gets passed through into the sandbox automatically, no permissions needed. Though it’s not perfect either – AFAIK there’s no way to pass though a directory using XDG portal, and drag-and-drop is broken (at least on X11). For command-line apps (tho it’s not really what flatpak was designed for), the equivalent is the
--file-forwardingoption.That would solve a ton of issues for new users. At least let them aware, instead of them scrambling for hours.
That’s why i use flatpak Firefox for browsing and non flatpak librewolf for running html games, as Firefox wouldn’t load images into the html due to permissions