Web lists-archives.com

Re: Limiting the power of packages




* Paul Wise:

> To fully solve the problem you need a whitelist based approach that
> ends up something completely different like Flatpak.

Flatpaks don't work this way.  Try installing gedit and open a file
like ~/.ssh/id_rsa with it.  There are no security prompts whatsoever,
yet the software in a flatpak can read your SSH private key.