What can Flatpaks see

anonfox · May 18, 2025, 8:55pm

Android and iOS apps with their modern robust sandboxes can still see quite a lot about their OS, e.g. [1] and [2]. This makes me wonder that, if a Flatpak has no permissions (or its permissions are removed with flatpak override) except for necessary ones (e.g. Wayland), what can it see about its distro.

I believe they can read the clipboard arbitrarily, but not sure about anything beyond that (assuming a DE that protects screencopy).

asanyan · May 18, 2025, 9:45pm

Pretty sure the app would need access to the wayland socket for that. With no permissions, it can’t.

anonfox · May 18, 2025, 10:12pm

True, but you’ll need to give it access to X11 or Wayland to work I think. Will edit the original post.

Topic		Replies	Views
Sandboxing Applications on Desktop Linux Community Wiki linux	0	182	April 22, 2022
Complete lack of per App file access and permissions control in Linux (and also other Destops OS like Mac and Windows) Guide Suggestions	1	172	November 13, 2024
Linux Application Sandboxing Articles	1	592	April 22, 2023
Share=ipc and Wayland in Linux (Immutable Fedora Silverblue, Fedora Kinoite and others) Questions	3	537	December 3, 2023
[Solved] Signal (Flatpak) can access my files even Flatseal shows the opposite Questions software	2	882	June 29, 2024

What can Flatpaks see

Related topics