However, the extent of the damage is limited by flatpak and whatever permissions you have set, and, if I understand it correctly, you cannot attack one flatpak through the other unless they share access to some files.
Also, I haven’t seen this kind of attack in the wild (maybe I’m not informed enough?) as opposed to rogue maintainers injecting malware into packages.
On an unrelated note: apparently, there is finally some Russian Lemmy instance? That’s a welcome change.
Fair criticism!
However, the extent of the damage is limited by flatpak and whatever permissions you have set, and, if I understand it correctly, you cannot attack one flatpak through the other unless they share access to some files.
Also, I haven’t seen this kind of attack in the wild (maybe I’m not informed enough?) as opposed to rogue maintainers injecting malware into packages.
On an unrelated note: apparently, there is finally some Russian Lemmy instance? That’s a welcome change.