• Gamma@beehaw.org
    link
    fedilink
    English
    arrow-up
    2
    ·
    edit-2
    9 months ago

    You’re pretty much just rehashing a possible apt repo “vulnerability,” but at least with flatpak they remember where each package was installed from.

      • Gamma@beehaw.org
        link
        fedilink
        English
        arrow-up
        3
        ·
        9 months ago

        Anyone can create an apt repo and the override your system packages with new versions.

        At least with flatpak only the applications you installed from the bad actor’s repo would be affected, though obviously they can still have a ton of malicious dependencies