It matters as the security rating is based on that, apps like KDE Systemsettings or Flatseal show that etc.
That’s a good point.
Linux has a tiny marketshare people dont care about security that much permissions on Linux are more complex than on the actively restricted Android. External media, devices, filesystems etc
That’s true.
I think my issue with the Flatpak sandbox is I understand how it works and what its limitations are (and I’m mostly fine with them), but the average user doesn’t. I was reluctant to try Flatpak before understanding how it worked, but now that I know how it works, I think it’s fantastic! But it’s also a work-in-progress. What we have now is good, but I think it could be better. Not entirely sure how it gets better though.
Thats why I like Fedora Atomic. The core is as small as possible, the apps are just base stuff or upstream stuff like the Desktop. Everything else is a Flatpak.
I’m still not really sure where I stand on Fedora Atomic. Lack of H.264 decoding by default is a damaging choice. They should just include openH264 in the base image, reproducibility be damned. Give it 5 more years and maybe this will be revisited…
Nova + Zink + NVK will solve some of the problem with NVIDIA (maybe even very soon), but not hardware decoding currently, which is a big one.
Gamescope doesn’t work great in a Toolbox. It works fine in Flatpak, but Bottles doesn’t let me use Gamescope options. I think Lutris does, but I haven’t tried it out yet.
And how am I supposed to install fonts without layering them on?? I’ve been copying them to ~/.local/share/fonts manually.
I think the idea is cool. But I think a few more parts of the ecosystem need to be in place first. I’ll keep using it for now.