GNU social JP
  • FAQ
  • Login
GNU social JPは日本のGNU socialサーバーです。
Usage/ToS/admin/test/Pleroma FE

  • Public

    • Public
    • Network
    • Groups
    • Featured
    • Popular
    • People

Conversation

Notices

  1. Embed this notice
    h3artbl33d :openbsd: :ve: (h3artbl33d@exquisite.social)'s status on Tuesday, 19-Nov-2024 19:35:31 JST h3artbl33d :openbsd: :ve: h3artbl33d :openbsd: :ve:

    Flatpak, after many years, is still an insecure shitshow.

    Yes. That article is four years old. It still applies :flan_peek:

    In conversation about 7 months ago from exquisite.social permalink
    • Embed this notice
      Jiří Eischmann (sesivany@social.vivaldi.net)'s status on Tuesday, 19-Nov-2024 19:35:28 JST Jiří Eischmann Jiří Eischmann
      in reply to

      @h3artbl33d Man, it takes like a minute to check that the first argument doesn't apply any more. GNOME Software warns you that Octave has full access to your home. And if you don't like it, you can disable the access (but most likely crippling the app). Not sure if the other argument applies. It's about old CVEs in runtimes which have been long EOL. 🤷♂️

      In conversation about 7 months ago permalink
    • Embed this notice
      fiery (fiery@snac.bsd.cafe)'s status on Tuesday, 19-Nov-2024 19:35:28 JST fiery fiery
      in reply to
      • Jiří Eischmann
      If there is a "warning" and you cannot even have the choice to disable the access because it won't work, that means it still applies as the security issues are all there all the same.

      CC: @h3artbl33d@exquisite.social
      In conversation about 7 months ago permalink
    • Embed this notice
      fiery (fiery@snac.bsd.cafe)'s status on Tuesday, 19-Nov-2024 19:57:05 JST fiery fiery
      in reply to
      • Jiří Eischmann
      Yes, it is exactly this kind of lazy, simplistic thinking that brought us where we are. For some very specific software yes, they may need full, unrestricted access to the whole of my home folder and then I either trust it and grant it the permissions it needs, or do not use it all. For the vast majority of apps, that is not the case and their access can be restricted (sandboxed) such as to limit potential damage it could cause in case of a security failure or downright trojan horse. If I am told the app is sandboxed and it still gets full access to the whole of my home folder, that is still a fucking lie, of the worst kind, a misleading half-truth.

      CC: @h3artbl33d@exquisite.social
      In conversation about 7 months ago permalink
    • Embed this notice
      Jiří Eischmann (sesivany@social.vivaldi.net)'s status on Tuesday, 19-Nov-2024 19:57:06 JST Jiří Eischmann Jiří Eischmann
      in reply to
      • fiery

      @fiery @h3artbl33d You want to run an app that needs access to your home and you don't like it, so maybe, only maybe you shouldn't use the app in the first place? 🤔

      In conversation about 7 months ago permalink

Feeds

  • Activity Streams
  • RSS 2.0
  • Atom
  • Help
  • About
  • FAQ
  • TOS
  • Privacy
  • Source
  • Version
  • Contact

GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.