I've been using it since the weekend and it's so great!
My favourite feature is that it's all flatpak, allowing smartphone-like permissions for each desktop app — both first-party and any third-party from Flathub.
I like it way more than snap and am glad there's an Ubuntu fork that works so wonderfully with it.
There's also Flatseal (https://flathub.org/apps/details/com.github.tchx84.Flatseal) as a user-friendly way of managing permissions for flatpak apps. This version of elementary OS comes with its own permission manager, but with my limited experience with both, it seems like it allows tweaking less permissions than Flatseal.
Everything in that reference basically says "yep the criticism is valid" and in a few cases the author expands on that with "but it's ok because..." and then lists various reasons why it's fine that it's still a problem but that's it's being worked on. They also had to correct a good chunk of just outright incorrect information they were supplying mid-post about system updates.
One item was addressed, which was that flatpak now notifies the user that sandbox escapes are possible based on the app's configuration.
As a response to the criticisms, it's not a great one.
Consider also, there are better ways that some of these issues could have been tackled. Why not have flatpak prompt for permissions as they're used, e.g.: "This app wants to open your home directory" rather than at install-time. That would make it abundantly clearer to the end users this is aimed at.
> Why not have flatpak prompt for permissions as they're used, e.g.: "This app wants to open your home directory" rather than at install-time. That would make it abundantly clearer to the end users this is aimed at.
I'm going out on a limb and guessing that it is because that's what is done in mobile, and it's usage in mobile has re-taught everyone the lesson that constant dialog prompts just train users to click through dialog prompts without reading them. That's bad, and annoying.
I do still think there are better solutions to that problem, but it would require more effort from users to get applications working if they weren't designed with sandboxing in mind, which is the vast majority of applications, which in turn means that Flatpak probably wouldn't have grown as quickly.
While that's true, at least some users are protected. I've never really bought into that particular criticism of mobile. Users are going to click through regardless until they've been burned a bunch of times. The users who pay attention to those prompts are the ones you want to benefit, and hopefully eventually those other users will be trained into the safer behaviour. (Yeah I hear myself)
As it stands though, flatpak out of the box has all the security issues of running old unpatched systems in order to mostly have compatible runtime environments, which, in my experience, don't actually buy me that much. The few times my distro hasn't already shipped a copy of an application, AppImage, Flatpak, or Snap haven't had the solution either.
This entire experiment we're doing with "ship the developer's box" as the new standard of software delivery and the different warring philosophies employed to turn that into a reality are interesting. My money is on the least secure, least safe, least functional, but best marketed thing winning out.
On the other hand my family learned the opposite lesson (without assistance from me).
They essentially deny every such permission request and for the few they actually care about (getting notifications from 2 or 3 of the 50 apps that want notification access) they come and asked for assistance.
One of the nice things about the iOS ecosystem is that apps aren’t allowed to be nonfunctional if you deny them access to something.
Flatpaks, as well as snaps and appimages to a lesser extent, are a true godsend to the linux desktop. I can finally have a stable system and software released yesterday.
Unfortunately each has its own drawbacks and, in typical Linux Desktop fashion, it's 3 fragmented solutions to roughly the same problem with none of them being standard or enjoying a particularly de-facto status.
The end result being that you can't get everything in any one of them, and often can't get a particular application in any of them.
As someone who's released commercial software on linux before - having only 3 solutions to target is actually pretty delightful (We still build .deb and .rpm as well, so 5 really, after snap, flatpak and appimage)
Plus I find the general sandbox approach to be a LOT more stable - distro upgrades rarely causes issues, and dependencies are much easier to wrangle.
Definitely still some hiccups, but overall it feels like it's moving in a direction that I find easier to work with - both as a user and a developer.
Plus the markets are generally fairly large - sure I still dip into aur every now and then, but I mostly find the "Software I need at work" stuff available
In what sense? If you mean the fact there are multiple solutions, I don't think it's anything to do with Linux Desktop. I don't think that's even to do with Linux. More the plethora of alternatives in general when using FOSS. But that to some is its strength, not failure.
I disagree. Now to ensure I can install software I need not just one package manager, but at least 2 or 3 (atp, flatpak, snap). Of course that doesn't cover all the bases either, I'm still occasionally going to have to compile something from source because the developer didn't even bother making a binary because they don't want to build it for 5+ different packaging formats, several of which will need constant maintenance.
When it comes to platforms[0], you need to be able to depend on certain things being there and working a certain way. Fragmentation of a platform is bad, and Linux Desktop is so fragmented the various distros style themselves as entirely different OSs!
[0] As opposed to applications. Part of the problem is that historically there has never been a clear delineation in Linux Desktop.
> Fragmentation of a platform is bad, and Linux Desktop is so fragmented
This is the point I'm making though. There is fragmentation on the desktop (even if we just stick to window managers, display managers, desktop environments). But there's fragmentation EVERYWHERE. I can choose from thousands of distros, in numerous package formats, with different opinions on that collection of software and its default configuration.
Linux Desktop is fragmented but no worse, IMHO, than elsewhere. I'm not saying it's a good thing, but some people do like the choice otherwise those other choices wouldn't exist.
Android is also a prime example of the same thing.
I think there may be some misunderstanding. I'm using "Linux Desktop" to denote the collection of all software for Linux that provides the desktop experience. That includes all the distros, packaging formats, and whatnot.
If you compare Linux Desktop to other desktop operating systems it is catastrophically fragmented by comparison.
> Android is also a prime example of the same thing.
No, it really isn't, because I only have one package format that I have to package Android applications in and the only API I have to deal with is the Android API. Though of course that's a headache because of how new permissions and older APIs interact, but that's still a lot more straight-forward.
The point of the statement wasn't to badmouth developers for not making a Linux binary, it was to criticize the state of application deployment on Linux being so terrible that a developer didn't want to bother making a binary for it. That's true regardless of the cost of the software. Linux Desktop doesn't get to be all "please use me, I'm great!" and "well, what do you want for free?" at the same time.
Can't say I've stumbled upon a lot of desktop apps (not terminal utilities) that are not on Flathub. The list is pretty long: https://flathub.org/apps/category/All
From my experience, most of the popular proprietary ones (think: Slack, Discord, Spotify, whatever) are distributed both as a flatpak and as a snap, while more niche desktop apps are usually flatpak-exclusive (out of those options).
> Can't say I've stumbled upon a lot of desktop apps (not terminal utilities) that are not on Flathub.
Perhaps you just don't use that many things that aren't really popular or well known? I can't find PuTTY and KeePass (though obviously there are alternatives in those cases), applications that both have Linux versions and that I use every day (and aren't even that unknown).
Also, unfortunately the limitations of Flatpak mean even if what you want is there, say Wireshark, it often won't have full functionality because it is impossible to give it the permissions it needs. In Wireshark's case, it can't actually capture any packets. If you want to actually use it you'll still need to resort to a different installation method.
Window management. It's basically a way to segregate a general terminal (usually used for local stuff) from a window specifically for SSH.
For me this was a much bigger issue when I was on Windows, but also in Ubuntu which groups programs together similarly to the Windows taskbar. I'm on i3 now mostly and just use a normal terminal for ssh, but for quite some time I was using putty on linux specifically for window management.
Hi AnIdiotOnTheNet! I really appreciate your comments against linux. I'm true. Since I don't have much knowledge about NT's strengths, the comments I like the most are the ones where you highlight advantages of the NT kernel over linux.
It's been some time since I last read anything like that from you. Would you mind to comment if ebpf usage and the possible new futex2 syscall helps to close the gap between linux and NT with regards to async primitives?
My favourite feature is that it's all flatpak, allowing smartphone-like permissions for each desktop app — both first-party and any third-party from Flathub.
I like it way more than snap and am glad there's an Ubuntu fork that works so wonderfully with it.