Flatpak Permission Survey
When working through yesterday’s post, half-way through I found the 2020 flatkill.org post and the TheEvilSkeleton response. The response was early 2021 and felt hopeful for the future.
One very different take is they were both focused on popular applications. I
was focused more on productivity applications and those that I could choose
between my distro and Flatpak to get a feel of Flatpak, apples to apples. But
the biggest concern is the statistics about 27 out of 50 popular applications
not having --filesystem=host or --filesystem=home. As I saw yesterday,
there are other ways to break out of the sandbox. I figured I’d take a look
myself, but unfortunately the popular apps today are mostly emulators and
Blink-based, so things look pretty bleak with that set. I think it is a skewed
set due to the Steam Deck, and worse than the majority of packages.
Popular
The following is from the first page of
popular on Flathub, sorted
hopefully by popularity. It is the top 30 items, because the pages hold 30. The
first three columns are straight from Flatpak’s website. “Verified” is whether
the packager has a blue check. “Security” is the sandbox permission badge
color. “Concerning permissions” is my own selection of permissions that are
concerning. I made some arbitrary decisions on what to include, mostly focusing
on sandbox escapes and unfortunate mixes of permissions. In particular, it
includes --device=all but not pulseaudio, as access to all devices might have
more implications than just webcam access.
| Name | Verified | Security | Concerning permissions |
|---|---|---|---|
| Google Chrome | 0 | Red | –device=all –socket=x11 –share=network –talk-name=org.freedesktop.secrets –filesystem=xdg-run/dconf Why so much file access? |
| Firefox | 1 | Red | –device=all –share=network |
| VLC | 0 | Red | –filesystem=host –device=all –socket=x11 –share=network –talk-name=org.freedesktop.secrets |
| Discord | 1 | Red | –device=all –socket=x11 –share=network |
| Dolphin Emulator | 0 | Red | –filesystem=host:ro –device=all –socket=x11 –share=network |
| RPCS3 | 0 | Red | –filesystem=home:ro –device=all –share=network –filesystem=/media |
| PPSSPP | 1 | Red | –device=all –socket=x11 –share=network |
| DuckStation | 1 | Red | –device=all –socket=x11 –share=network |
| Citra | 1 | Red | –filesystem=host:ro –device=all –socket=x11 –share=network |
| Brave Browser | 0 | Red | –device=all –socket=x11 –share=network –talk-name=org.freedesktop.secrets –filesystem=xdg-run/dconf |
| RetroArch | 1 | Red | –filesystem=host –share=network |
| xemu | 0 | Red | –filesystem=host:ro –device=all –share=network |
| melonDS | 1 | Red | –filesystem=home –device=all –socket=x11 –share=network |
| PrimeHack | 1 | Red | –filesystem=host:ro –device=all –socket=x11 –share=network |
| Telegram Desktop | 1 | Red | –device=all –share=network |
| Spotify | 0 | Red | –device=all –share=network |
| Visual Studio Code | 0 | Red | –filesystem=host –device=all –socket=x11 –share=network –socket=ssh-auth –talk-name=org.freedesktop.secrets |
| Steam | 0 | Red | –device=all –socket=x11 –share=network |
| ProtonUp-Qt | 1 | Red | –filesystem=~/.bashrc –device=all –socket=x11 –share=network |
| Microsoft Edge | 0 | Red | –device=all –socket=x11 –share=network –talk-name=org.freedesktop.secrets –filesystem=xdg-run/dconf |
| Flatseal | 1 | Red | –filesystem=xdg-data/flatpak/overrides:create |
| Bottles | 1 | Red | –device=all –socket=x11 –share=network –system-talk-name=org.freedesktop.UDisks2 |
| ScummVM | 1 | Red | –filesystem=home –device=all –socket=x11 –share=network |
| Protontricks | 1 | Red | –device=all –socket=x11 –share=network –system-talk-name=org.freedesktop.UDisks2 |
| Extension Manager | 1 | Yellow | –share=network |
| GIMP | 1 | Red | –filesystem=host –socket=x11 –share=network |
| OBS Studio | 1 | Red | –filesystem=host –device=all –socket=x11 –share=network |
| Heroic Games Launcher | 1 | Red | –device=all –filesystem=mnt/media –filesystem=~/.local/share/applications –socket=x11 –share=network |
| LibreOffice | 1 | Red | –filesystem=host –share=network –filesystem=xdg-run/gvfsd |
| qBittorrent | 1 | Red | –filesystem=host –share=network |
Some comments:
- 2/3 have a verified packager
- The security badge is normally red
- Every top app has
--share=network - Every top app, except for Extension Manager, has
--device=allor--filesystem=host - 2/3 have
--socket=x11
While going through the manifests, I noticed that --talk-name doesn’t show up
in the listed permissions on the Flatpak website. That is very serious, as
--talk-name=org.freedesktop.secrets seems important and access to the systemd
service provides a trivial sandbox escape. I tried to guess which dbus services
are “dangerous”, and some I looked up their definiton to make a judgement.
Strangely, I couldn’t find the definition of org.gnome.Software.
Some permission combinations are a problem without sandbox escape.
As examples, there’s little need to escape from the sandbox with
--filesystem=home:ro --share=network or --talk-name=org.freedesktop.secrets --share=network.
Only a minor concern, but I noticed that --metadata=X-DConf=migrate-path=
isn’t listed on the Flatpak website. This is a very good feature that avoids
sharing write access to all settings. But I’d have to investigate more to see
if just read-only access to settings can be a problem. It won’t contain
secrets, but there’s so many options it makes me wonder.
My programs of interest
These are the programs that I was looking at when making yesterday’s post, with a few additions. They are mostly GNOME/GTK, but with some oddballs mixed in. There are both very old GNOME programs (Videos, a.k.a. Totem) and some more recent remakes (Image Viewer, a.k.a. Loupe). I chose these as an “interesting” set. They are sorted by name.
| Name | Verified | Security | Concerning permissions |
|---|---|---|---|
| Boxes | 1 | Red | –filesystem=host –device=all –share=network –talk-name=org.gnome.Settings –filesystem=xdg-run/dconf |
| Calculator | 1 | Yellow | –share=network |
| Characters | 1 | Green | |
| Connections | 1 | Yellow | –share=network |
| Disk Usage Analyzer | 1 | Red | –filesystem=host –filesystem=xdg-run/gvfs |
| Document Scanner | 0 | Red | –device=all –share=network |
| Document Viewer | 1 | Red | –filesystem=home:ro –filesystem=xdg-run/gvfsd |
| Ear Tag | 1 | Red | –share=network |
| File Roller | 1 | Red | –filesystem=home |
| Flips | 0 | Red | –filesystem=home |
| Foliate | 1 | Red | –share=network |
| gedit | 0 | Red | –filesystem=host –filesystem=xdg-run/gvfsd |
| GHex | 0 | Red | –filesystem=host –filesystem=xdg-run/gvfsd |
| GnuCash | 0 | Red | –filesystem=host –share=network |
| gThumb Image Viewer | 0 | Red | –talk-name=org.freedesktop.secrets –filesystem=xdg-run/gvfs |
| HxC Floppy Emulator | 0 | Red | –socket=x11 |
| Image Viewer | 1 | Red | –filesystem=host –filesystem=xdg-run/gvfs |
| KiCad | 1 | Red | –filesystem=home –socket=x11 –share=network |
| Meld | 0 | Red | –filesystem=host |
| Piper | 0 | Red | –socket=x11 |
| Remmina | 1 | Red | –filesystem=home –device=all –share=network –socket=ssh-auth –talk-name=ca.desrt.dconf –filesystem=xdg-run/gvfsd |
| Rhythmbox | 0 | Red | –share=network –filesystem=xdg-run/gvfsd |
| Videos | 1 | Red | –device=all –share=network –talk-name=org.gnome.OnlineAccounts –filesystem=/run/media –filesystem=xdg-run/gvfs |
Some comments:
- 1/2 have a verified packager
- The security badge is normally red, but greens aren’t entirely mythical
- Four have
--share=networkwithout other relatively problematic permissions - Most that are missing
--share=networkhave a trivial sandbox escape - Foliate is only red only because it has
--filesystem=xdg-run/speech-dispatcher:ro.
With this set of apps, we are in the murky sandbox territory that I was
wrestling with yesterday. A sandbox might help some of these. But the
permission list exposed to users is insufficient for determining if the app is
sandboxed more than in name. It also doesn’t really matter, because with almost
universal red security badges, the user is required ignore it. If
--share=network allows access to the session bus on my distro, then only
Characters is safe, ignoring upgrades adding permissions and assuming I trust
Flatpak after all this.