- Sandboxed X resource manager access and X toolkit intrinsics.
- Because it uses systemd, all of the problems of systemd also apply.
The design of D-Bus is also full of problems.
I do not use a desktop environment on my computer, and I should not need one. Programs should not need to draw their own window decorations. There are other issues, too (some of which are mentioned on the web page about the security problems). GTK also has many problems.
The blue "sandboxed" icon is not very good if it does not elaborate the specifics of the sandboxing (and, ideally, should allow user customization of the sandbox settings).
The system should not make it difficult for programs to be used together. Unfortunately, many programs do (although I try to fix this; use of user-specified commands with popen is one thing that should help, but some things will just need much of the existing designs to be corrected or entirely replaced).
None of that debunks the 2020 article. It sounds like they kind of fixed some of the stuff a year later, but it's still largely broken. Am I missing something?
Before Flatpak I had tons also of unaudited repositories too, binaries in my home, appimages (I still have some of this) ... Flatpak have tons of things yet to improve (security ones the more worrisome), but it is a step forward from what we had before (specially if your workflow needs many apps that should be always updated).
User repository with no assurance that apps are integrated properly with the framework. Applications that are packaged to just spawn on the host, that is outside the sandbox, are accepted and distributed on flathub. Its all over, but you are naturally checking every runtime and app manifest to ensure otherwise.
I still avoid using flatpak due to the lack of proper integration. Flatseal helps a lot in fixing some of those issues (at least in Fedora) but I would rather go and find an .rpm or .deb than rely on Flathub for anything but a quick test to see if I like an application.
- Dealing with non-Unicode text (including file names).
- Running external user-specified programs by pipes (popen), and/or user-specified dynamic libraries.
- Sandboxed X resource manager access and X toolkit intrinsics.
- Because it uses systemd, all of the problems of systemd also apply.
The design of D-Bus is also full of problems.
I do not use a desktop environment on my computer, and I should not need one. Programs should not need to draw their own window decorations. There are other issues, too (some of which are mentioned on the web page about the security problems). GTK also has many problems.
The blue "sandboxed" icon is not very good if it does not elaborate the specifics of the sandboxing (and, ideally, should allow user customization of the sandbox settings).
The system should not make it difficult for programs to be used together. Unfortunately, many programs do (although I try to fix this; use of user-specified commands with popen is one thing that should help, but some things will just need much of the existing designs to be corrected or entirely replaced).