This is FUD. It definitely is not a “critical” security feature. Firefox flatpak can’t currently do its own internal sandboxing of subprocesses via namespaces, but it does do seccomp bpf filtering. That’s in addition to the standard sandboxing of flatpak itself, which is implemented using namespaces anyways.
If you are extra paranoid, you can tweak the flatpak’s permissions to harden the sandboxing via your distro’s flatpak settings app.
Flatpaks are containerized, making them both more reliable and more secure (in general… but it’s always possible to fuck things up).
Besides the benefits to users, there are also huge benefits to developers: they can publish a single package and support nearly every distro with it.
It’s often impossible for a dev to publish and maintain packages for all Linux distros out there, so stuff on AUR is built and packaged by well-meaning, but random people who are not the original developer. This very often leads to the app having bugs and compatibility issues which the developer ends up wasting time debugging and trying to fix even though it’s not their fault. (although downstream packagers can fuck this up too by publishing their own unofficial Flatpaks, like Fedora’s recent OBS shenanigans)
Oh yeah, the OBS thing. Yeah, I guess these are the reasons I’ve felt like Flatpaks are a bit more stable than AUR packages. They might take up more space or whatever, but it’s nice to know they work like they’re supposed to, especially commercial stuff like Spotify and Slack etc. I just wish Flatpak software integrated better with the rest of the system without extra configuration.
This is the correct way to Linux in 2025
Not for firefox, critical firefox security feature not available in flatpak: https://bugzilla.mozilla.org/show_bug.cgi?id=1756236
This is FUD. It definitely is not a “critical” security feature. Firefox flatpak can’t currently do its own internal sandboxing of subprocesses via namespaces, but it does do seccomp bpf filtering. That’s in addition to the standard sandboxing of flatpak itself, which is implemented using namespaces anyways.
If you are extra paranoid, you can tweak the flatpak’s permissions to harden the sandboxing via your distro’s flatpak settings app.
Cool. Could you elaborate? Because I only do this because of some kind of gut feeling… 😅
Flatpaks are containerized, making them both more reliable and more secure (in general… but it’s always possible to fuck things up).
Besides the benefits to users, there are also huge benefits to developers: they can publish a single package and support nearly every distro with it.
It’s often impossible for a dev to publish and maintain packages for all Linux distros out there, so stuff on AUR is built and packaged by well-meaning, but random people who are not the original developer. This very often leads to the app having bugs and compatibility issues which the developer ends up wasting time debugging and trying to fix even though it’s not their fault. (although downstream packagers can fuck this up too by publishing their own unofficial Flatpaks, like Fedora’s recent OBS shenanigans)
Firefox flatpak less secure because namespace not available in flatpak: https://bugzilla.mozilla.org/show_bug.cgi?id=1756236
Oh yeah, the OBS thing. Yeah, I guess these are the reasons I’ve felt like Flatpaks are a bit more stable than AUR packages. They might take up more space or whatever, but it’s nice to know they work like they’re supposed to, especially commercial stuff like Spotify and Slack etc. I just wish Flatpak software integrated better with the rest of the system without extra configuration.