Flatpak support
-
@Stardust Interestingly you do find official apps of Brave, Opera, etc. in the snap store. Additionally, last time I looked at snap (quite a while ago now admittedly) I do not remember any such problems with the sandboxing.
So again my gut tells me that if we were to support an additional package type, snap would be a far safer option for us to endorse or recommend for our users. In addition proprietary media is actually MUCH easier on snap. There is a standard official method to add support seamlessly, indeed Opera is already doing this which is likely why they tend to push their snap app over rpm or deb.
In a way this is a shame as I do not really like Canonical's recent actions relating to trying to block flatpak in favour of snap but it does seem to be easier to work with if you are a Chromium based browser and want to ensure security.
-
@Stardust I recommend you read the manifest for any Chromium based browser. They ALL use Zypak. Most Electron apps do too… or… they completely disable the Chromium sandbox with a command line switch.
Also read this about Zypak and tell me if this does not worry you. It should. I do not agree with replacing parts of the Chromium sandbox with a hack by a single maintainer. Perhaps this person is great at what they do and it is fine but I cannot judge this and I see it as an immediate red flag.
https://github.com/refi64/zypak/blob/main/README.md#how-does-it-work
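One way to check the manifest claim above yourself, as an added example that is not from this thread or from any project: a Python script that parses a JSON Flatpak manifest and reports whether the app pulls in a Zypak module, launches through zypak-wrapper, or passes --no-sandbox. The manifest embedded in it is constructed, not any real app's, and YAML manifests are assumed to have been converted to JSON first.

```python
import json

# Constructed sample manifest (not a real app's); it follows the pattern the thread describes.
SAMPLE_MANIFEST = json.dumps({
    "app-id": "org.example.ChromiumApp",
    "command": "launch.sh",
    "modules": [
        {"name": "zypak",
         "sources": [{"type": "git", "url": "https://github.com/refi64/zypak.git"}]},
        {"name": "app",
         "build-commands": ["echo 'exec zypak-wrapper /app/chrome' > /app/bin/launch.sh"],
         "sources": [{"type": "archive", "path": "app.tar.xz"}]},
    ],
})


def _strings(node):
    """Yield every string value found anywhere in a parsed manifest."""
    if isinstance(node, str):
        yield node
    elif isinstance(node, dict):
        for value in node.values():
            yield from _strings(value)
    elif isinstance(node, list):
        for value in node:
            yield from _strings(value)


def audit_manifest(text):
    """Classify how a JSON Flatpak manifest treats the Chromium sandbox."""
    manifest = json.loads(text)
    strings = list(_strings(manifest))
    modules = [m for m in manifest.get("modules", []) if isinstance(m, dict)]
    module_ids = [m.get("name", "") for m in modules] + [
        s.get("url", "") for m in modules for s in m.get("sources", []) if isinstance(s, dict)]
    found = {
        # A module named zypak, or a source fetched from the zypak repository.
        "zypak_module": any("zypak" in x.lower() for x in module_ids),
        # The launcher hands the browser binary to zypak-wrapper.
        "zypak_wrapper": any("zypak-wrapper" in s for s in strings),
        # The Chromium sandbox is switched off outright.
        "no_sandbox": any("--no-sandbox" in s for s in strings),
    }
    if found["no_sandbox"]:
        found["verdict"] = "chromium-sandbox-disabled"
    elif found["zypak_module"] or found["zypak_wrapper"]:
        found["verdict"] = "chromium-sandbox-replaced-by-zypak"
    else:
        found["verdict"] = "no-workaround-found"
    return found
```

Run `audit_manifest(open("manifest.json").read())` against a real manifest; a "no-workaround-found" verdict only means neither pattern was spotted, not that the sandbox is intact.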
-
@Stardust Also to be 100% clear I am not knocking security in flatpak more generally. I fully admit I am not a security professional and from my limited perspective attempting to separate apps from each other and parts of the OS seems like a good idea. So for any app not based on Chromium or that does not do sandboxing of its own I would assume this can only be a good thing. But for Chromium based apps (because of the clash), I am left doubting it.
P.S. It has been commented by others more knowledgeable than me that flatpak sandboxing is not really sandboxing https://hanako.codeberg.page I note the author is not much of a fan of snap "sandboxing" either but on the flip side at least with snap the Chromium sandbox runs as intended and is not potentially weakened, so for Vivaldi and our users it would likely be better.
-
@Ruarí said in Upgrade to Chromium 114 – Vivaldi Browser snapshot 3023.3:
In Chromium if you load facebook in one tab it cannot get access to the process that runs youtube in your other tab.
Does Firefox have the same thing with Site Isolation now enabled by default iirc?
https://blog.mozilla.org/security/2021/05/18/introducing-site-isolation-in-firefox/
Thus all the Chromium browsers and Electron apps use a hack (Zypak) which fakes part of the chromium sandbox.
I didn't know this
So again my gut tells me that if we were to support an additional package type, snap would be a far safer option for us to endorse or recommend for our users. In addition proprietary media is actually MUCH easier on snap. There is a standard official method to add support seamlessly, indeed Opera is already doing this which is likely why they tend to push their snap app over rpm or deb.
I have a feeling that most Linux users don't like snaps. Well, I don't see any snap demands on the Vivaldi forum. Everyone wants Vivaldi flatpak instead.
I am personally not interested in a Vivaldi snap, I don't use snap apps at all.
I recommend you read the manifest for any Chromium based browser. They ALL use Zypak. Most Electron apps do too… or… they completely disable the Chromium sandbox with a command line switch.
I wonder what if you don't disable the Chromium sandbox but disable Flatpak sandbox instead while Flatpak team improving Chromium sandboxing thing?
Also read this about Zypak and and tell me if this does not worry you. It should. I do not agree with replacing parts of the Chromium sandbox with a hack by a single maintainer. Perhaps this person is great at what they do and it is fine but I cannot judge this and I see it as an immediate red flag.
Well, it sounds like a big issue. Maybe Flatpak team will improve this soon.
I note the author is not much of a fan of snap "sandboxing" either but on the flip side at least with snap the Chromium sandbox runs as intended and is not potentially weakened, so for Vivaldi and our users it would likely be better.
I am afraid no one would use Vivaldi snap
Everyone wants flatpak!
I see another option - Firefox engine for Vivaldi!
-
@Stardust said in Upgrade to Chromium 114 – Vivaldi Browser snapshot 3023.3:
I am afraid no one would use Vivaldi snap
Not true, we have had requests for it on social media and via channels like the bug tracker.
-
@Stardust said in Upgrade to Chromium 114 – Vivaldi Browser snapshot 3023.3:
I see another option - Firefox engine for Vivaldi!
That is not a remotely viable option though. That basically means throw everything away and start from scratch.
-
@Ruarí said in Upgrade to Chromium 114 – Vivaldi Browser snapshot 3023.3:
Not true, we have had requests for it on social media and via channels like the bug tracker.
That's very surprising!
That is not a remotely viable option though. That basically means throw everything away and start from scratch.
-
@Ruarí said in Upgrade to Chromium 114 – Vivaldi Browser snapshot 3023.3:
Additionally, last time I looked at snap (quite a while ago now admittedly) I do not remember any such problems with the sandboxing.
It has this major one, posted 3 years ago referring to further years back, but they are still promising it (for non-Ubuntu distros):
https://forum.snapcraft.io/t/snapd-still-requires-out-of-tree-apparmor-patches-for-strict-confinement/19632
Also it pretty much failed the security audit by SUSE so it wasn't ever included either in SUSE or openSUSE.
https://github.com/snapcore/snapd/projects?type=classic
And snapd is only controlled by Canonical and they had a record of not quickly discovering malicious snaps there (and letting them be there in the first place, where's the check...).
-
@Ruarí said in Upgrade to Chromium 114 – Vivaldi Browser snapshot 3023.3:
throw everything away and start from scratch
we accept your generous offer. can it be ready by friday, say around lunchtime?
-
request to the Mods pls.
@Ruarí has posted some extremely valuable info on the flatpak challenge in this thread, but inevitably it'll get lost once this thread closes with ongoing snappies. afaik there's at least one "dedicated" flatpak thread. can all the fp posts in this current thread pls be copied into that other thread, so that all relevant info on this ongoing topic is centralised?
-
and I wanted to propose to make a blog-post from it
-
oh, & also, which Mod will be brave enough to flag @Ruarí for repeatedly going off-topic in this thread? shouldn't he be forced to read the t&c?
-
@Stardust said in Upgrade to Chromium 114 – Vivaldi Browser snapshot 3023.3:
make a blog-post from it
And getting more complaints on why Flatpak isn't baked yet even if insecure (blog posts are shared on all vivaldi socials).
@ybjrepnfr I'd simply add the link to Ruario's analysis to the feature request, so here.
You can just flag the feature request for moderation asking to add the information provided here by Rue in the first post.
-
@Hadden89 said in Upgrade to Chromium 114 – Vivaldi Browser snapshot 3023.3:
And getting more complaints on why Flatpak isn't baked yet even if insecure (blog posts are shared on all vivaldi socials).
Well, I thought it would be interesting read for flatpak users
Another idea! Bake Flatpak simultaneously with the blog-post!
-
@Stardust As long as the oven stays at 180°. Btw, the fact is the blog post will make a popular feature request with low chances of implementation even more popular.
I'm not really against it, but I already see the pattern of "we are in 20xx ... where is my [exploitable] flatpak?"
Now it is up to the communication team.
-
@Hadden89 said in Upgrade to Chromium 114 – Vivaldi Browser snapshot 3023.3:
but I already see the pattern of "we are in 20xx ... where is my [exploitable] flatpak?"
"where is my [unsandboxed] flatpak?"
sounds better!
-
@ybjrepnfr @pafflick that's great, thanks very much. this should * hopefully make it easier for future discussions to be also appended here rather than randomly spread across the forum.
* note that i deliberately said should, not would, given... history.
-
-
@hlehyaric means ⇒ T12:00+4200
-
@hlehyaric i was gonna try to make a sm@rtarse reply, but then saw the dragony one, which is excellent & beats anything i could have done. i curtsy to the champion, @DoctorG