Disclaimer
Flatpak uses OSTree, like Fedora Atomic Desktops (Silverblue, Kinoite etc) and similar to BTRFS snapshots.
So many files are deduplicated and linked, not actually there
https://gitlab.com/TheEvilSkeleton/flatpak-dedup-checker
50GB without
31GB with deduplication
21,4GB with BTRFS compression
It’s not as dramatic for me but it’s still bad. I myself freed at least 20 Gb from my computer when I remove flat pack and all of its crap. and migrated my apps to aur myself.
So you dont have isolation from the system and a working permission system anymore…
If I need isolation, I can use fire jail. And I don’t know why I think they don’t have a working permission system. It works perfectly fine.
Firejail has some major vulnerabilities if you want to be secure. Bubblejail would be preferred but it has even less documentation not to mention presets like with Flatpak. So you need to sandbox every app yourself afaik
This is news to me, one of these major vulnerabilities?
https://madaidans-insecurities.github.io/linux.html#firejail
https://seclists.org/oss-sec/2017/q1/25
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=firejail
interesting, ill have to read more on these