should i be worried installing these two? what does it mean though?
(these are captured from Pop! OS software manager)
Flatseal: well that’s normal, it can’t control Flatpak’s access controls if it is itself sandboxed. Even if it was sandboxes, it could just grant itself everything.
For Xournal: it’s probably because it doesn’t support portals or whatever, so it can’t use the open file dialog to get permissions. So it needs to be able to get to your files somehow to open them.
In both cases, it just means its permissions model is more like regular applications you’d get from your package manager. If you install Xournal with apt/dnf/pacman it also won’t be sandboxed.
The point of sandboxing is you can run applications you don’t trust too much, or significantly reduce the blast radius if say, your browser gets breached: then it has another barrier to overcome to reach anything other than the browser’s own data. The lack of sandboxing doesn’t inherently imply the app is evil or will hack you. It just means it doesn’t have the extra protection around it. So like, probably don’t open sketchy PDFs in it, but I wouldn’t stop using the app solely because it lacks sandboxing.
I think the problem with xournal is that it cannot ask a file portal to give it access to two related files at once. “I want to let the user pick foo.pdf.xournal, and also give me access to foo.pdf”. So the next best thing is to give it the “access any damned file” permission, and let Xournal grab whatever it wants. You get the same problem with video players - you could take away their permission to open-any-file, but then they won’t be able to pick up a related subtitle file.
No, you don’t need to be worried. For example, Flatseal is a program to manage other flatpaks. This means that, by design, it needs to be able to grant flatpaks certain permissions that may expose them to system services they need to operate correctly.
One user mentioned that these new warnings aren’t particularly helpful, because they don’t give a good explanation of what or why, and they just foster anxiety in users who just want to install an otherwise reputable flatpak.
I don’t know anything about xournal++, but I would imagine it’s also reputably safe, and somebody else can verify for sure.
Yeah Xournal++ is probably the best hand-written note taking and PDF annotation program available on Linux, it’s pretty well known. The system settings permission is to honor some global settings you might have enabled, and the file system access is so you can save and open stuff from anywhere, I assume.
Sorry for the off topic, what’s the best device to use xournal++ in your opinion? MS Surface? I guess you have used some hand-written note taking apps before since you wrote this, so you’re more experienced than me for sure!
Never owned a Surface, so can’t comment on that, but I’m very happy with my One by Wacom (not to mix with Wacom One :p). It’s fairly cheap as far as these types of tablets go, it’s very responsive (I have 144Hz displays and it’s so nice to use), has a nice sueface roughness, it’s plug-and-play on Linux and has 0 maintenance (no batteries to swap).
What I like with my setup is that, contrary to traditional writing on paper, I can sit properly, looking forward, avoiding some bad neck and back pain I usually get otherwise.
Oh thank you for all the information you shared! I didn’t know this company. So this is a tablet without a display. I never used one, it’s difficult to start using it?
I’ve been given a quite old tablet pc (almost 10yo), it has its own display and hardware, just like the MS Surface, but from acer. It’s very uncomfortable to use since it has only 32GB of storage space and it has a 32bit cpu; furthermore, it has no pen and the physical keyboard you can plug to it doesn’t work anymore. A lot of flaws, right?
Despite this, Windows was decently optimized for this tablet, so it was in some way usable. Recently, I decided to give Linux a try in this tablet pc. I tried Zorin OS that has a slightly modified version of GNOME, and the touch experience (in gnome) was really bad, windows 10 GUI was a lot more optimized for that hardware. So my other question is: what distro do you use on your computer?
Having the tablet separeted from the computer is maybe a better choice. I don’t know, maybe you could share your thoughts on this, I would really appreciate. Thanks!
(sorry, clicked Enter by accident and ended up posting this half-way 😅)
So this is a tablet without a display. I never used one, it’s difficult to start using it?
Yeah, it isn’t a tablet in the usual sense of the word (i.e. it isn’t a smart tablet), it’s more like a tracking surface. The idea is that you use the little pen on it and the whole surface is mapped to your screen. There are differently sized devices, for different precision needs, much like A5 Vs A2 vs A3 etc. I have the medium one and I’m quite satisfied by it, but I had a professor that made class notes with the smaller model and it worked wonders too. Had mine not been offered to me, I’d would be more inclined to buying the small one.
They may be a bit weird to use at first, but I find that with you get the gist of it fairly quickly. I’ve had some colleagues try mine and while some got it faster and some had to spend a bit more time with it, they all got decent at it in a relatively short amount of time. I’m so used to it now that I make no conscious effort beyond what I’d do for traditional writing. I loose on a non-backlit surface and some of the physical pleasure of writing with true pen and paper (though the pen tip and tablet surface have a nice texture), but I gain incredibly productive superpowers in the form of undo, copy-paste, scaling and rotating, theming (love the white on near-black gray handwritten notes) and more (xournal++, for example, lets you embed images and even voice notes!). The pen even has nice pressure sensitivity, so you don’t loose much expressiveness with your strokes.
A lot of flaws, right?
Yeah, for this purpose, I’d say that device is not very well suited. The small version of One by Wacom is $40, which I consider fairly cheap for its quality and the value it can provide. In case that’s too expensive, you may try the second hand market, I suppose.
Your Acer tablet may still be useful for other purposes, like a Plex/Jellyfin client or similar. For good note taking, even if the device functions decently well with Windows, I’m unsure if the touch sensors are good enough (even if they were originally, they may have degraded performance now, not sure) for a proper experience. Before I tried this pen tablet, I was quite skeptical of digital note taking, but now I love it, and it’s mostly due to its incredible responsiveness.So my other question is: what distro do you use on your computer?
I use Manjaro (based on ArchLinux) with KDE Plasma (now on version 6.1), though I use no touch interface, it’s just a regular laptop onto which I connect this pen tablet via USB. For good touch support, you should look for the mobile variants of GNOME and KDE, namely Phosh and Plasma Mobile, as those are more optimized for that sort of devices. You should still be able to connect Wacom tablets and similar (there are drivers in the kernel itself).
Overall though, I agree with your last sentence, I think having the note taking tablet separated from the laptop may be better because you can just keep using your daily driver computer and, when needed, plug a fairly cheap but quality tablet and get a good handwriting experience and improved posture (very crucial to me)!
Happy to discuss this further!
Thank you so much for this detailed explanation! It’s very clear and you’re so good expressing yourself! And don’t worry for your post accidentally being posted half-way, it happened to me too, in fact there’s a deleted comment in this thread, for your same reason 😂
Anyway, I definitely must try this tablet. I am skeptical as you were, but I must give it a shot since you’ve had such a nice and productive experience. I might find out a store where I can try it or, alternatively, I might ask a friend of mine, who likes to draw, because she maybe has a tablet like this (that you connect to the computer).
Thank you again for your suggestions!
In order to avoid to spam too much here, may I contact you privately?
Make sure to check the return policy for Wacom or whichever reseller you end up going with. Some allow you to return electronic devices (if in good state, of course) up to 30 days or so after the purchase. If that isn’t possible, you can always try to resell it in the second-hand market and make most of your money back, there are plenty of websites for that (from global ones like ebay to regional platforms; I tend to prefer the latter). But if your friend has one of these (or similar) give it a try!
And yeah, feel free to reach out to me via Matrix or e-mail! You can also try other platforms listed in my website, but I don’t check those as often.
deleted by creator
The first one allows Flatseal to edit the permissions of Flatpak apps including itself.
System folder access allows a app to read the filesystem. (But not system internals)
System settings access allows the app to change settings
So the only concerning one is Xournal. However, I happen to know that it doesn’t support XDG portals which is how apps ask for permissions to files so it needs full file access. As for the system settings I have no idea.
Flatseal’s job is to do that. As for the note app, that’s not great, but you can use flatseal to take away those permissions after installation.
Its a silly default. Might also be to allow people to edit /etc configs with the app since its a basic editor. With enough dummies complaining about “doesn’t work can’t access files in <directory>” the dev may have set that to reduce negative review bloat (seriously look at the flatpak and snap stores and the number of bad reviews due to people not understanding the permissions system).
I would be turning that off immediately until I knew how trustworthy the app was or not installing it, just saying I can see where that default setting might be coming from.
Flatpak could use a permissions prompting api, so a prompt could be displayed to the user when they try to access a file outside the permissions scope, but that’s probably a lot of work to get in place. Maybe something we’ll see in flatpak in a few years.
Until then I think there needs to be some way to point new users to Flatseal and a summary of what these warnings imply and how to grok them.
Every app with home or even host access can modify its own permissions.
This is why apps need to implement portals.
a curse upon these distros for alarming people with such messages. they are meaningless and technically apply to every flatpak
a curse upon these distros
It’s not the distros, it’s Flathub who provides those warnings.
They mean that the app has that permission. It is good that they let the user know the apps capabilities
Not for the average/casual user, which is why this post exists.
The average person will look at that and see the ‘!’ in a triangle and became scared of what it can do to their system, even though it has no more permissions than a system package. Alternatively, they will become desensitized and learn to ignore it, resulting in installing flatpacks from untrusted and unverified sources.
Overall, I just think the idea around having to sandbox all flatpaks is not a good idea. To give a concrete example, Librewolf is marked as “potentially unsafe” because it has access to the download folder, but if I want to use it to open a file that isn’t in “downloads” I have to use flatseal to give it extra permissions - it’s the worst of both worlds! Trying so hard to comply with flatpak guidelines that it gets in the way of doing things, and still not being considered safe enough.
but if I want to use it to open a file that isn’t in “downloads” I have to use flatseal to give it extra permissions
There has been a portal to prevent this issue for years now. The fix isn’t to patch around issues in Flatseal, it’s for developers or Flatpak packagers to fix their security policies and code.
As an added benefit, KDE users get thumbnails in their file picker because they’re no longer stuck with the old GTK one but instead can use their native file picker portal. A win for everyone!
I don’t know about this in depth, but from what another user in this thread said, a flatpak can’t ask a portal to have access to two files at once. If I’m understanding correctly, that would explain why Librewolf needs permission to access ~/Downloads, since it can be downloading more than one file at once, and it needs access to all those files in ~/Downloads at the same time.
EDIT: I got a bit mixed up with what you were saying, but nevertheless, if this is true, then Librewofl would still need permission to access ~/Downloads and so be marked as “potentially unsafe”.
Librewolf would need to ask permission to a folder (for the standard downloads folder for instance) or it would need to show two save prompts when downloading two files (isn’t that what it does already?)
The “two files” thing only applies to applications that ask access for one file (say, an mp4) and also want a second file in that same directory (say, a matching .srt). That can be worked around by selecting multiple files in the file picker, but that does pose for an annoying restriction. I don’t see how a browser would be affected by this, though, as browsers don’t tend to also send secondary files when you upload something.
Ah, thank you for the explanation, I think I get it.
I get what you mean. When updating Linux mint, the “This needs to get some additional packages too” window, relatively benign, has a big scary ⚠️/
/!\on it.Felt the need to explain to the person I was installing it for. “That’s totally normal, just look it over first and continue.”
…like, it’s gonna do that almost every time it updates, it doesn’t need to look scary. :|
You shouldn’t use Android then. It is way worse
I think they’re a move in the right direction.
Just looking at the weird scaremongering around Signal from the past few days ("a chat app stores keys as files that you can read) shows a trend that I’ve been seeing more the past years: people have gotten so used to the Android/iOS sandboxing system that they’ve either never been taught or have forgotten how normal programs work.
Flatpak and the necessary desktop portals are very much a work in progress when it comes to user friendliness, but they’re what the world has been moving towards for a while now.
I don’t know why a journaling app needs full system access and access to system settings, and the permission Flatseal requests is a dangerous one if you pay attention to these things. Looks like they’re doing their job to me.
I don’t know why a journaling app needs full system access and access to system settings, and the permission Flatseal requests is a dangerous one if you pay attention to these things. Looks like they’re doing their job to me.
Xournal seems pretty trustworthy to me, so I assume it’s for code simplicity (or age) or not being made with Flatpak in mind - just ‘open any file/full filesystem access’’ (for basic functions like opening files) and ‘change system settings’ for probably only a few features that change system settings.
I agree the permissions are dangerous and I commend Flatpak for incentivizing developers to use granular permissions.
As others (and you yourself have said), Flatseal’s entire purpose is to edit Flatpak lermissions, so that one shouldn’t be alarming.
This is good news for flatpack!
I don’t know what the issue is here, but I can’t see anything in your post, other than this:
What’s going on? Is it Beehaw or why can’t I see it?
There are two screenshot and I can see them? No #AltText though.
My apologies, its on my end. An extension was blocking it, now I can see the screenshots. Not sure what happened, because that is the first thing I check. Everything fine, I can see the two screenshots too.
Flatpak downloads are insecure 100% of the time
