Zoom Client Dilemma - DEB vs FLATPAK

Everything about X, Gnome, KDE, ... and everything running on it

Re: Zoom Client Dilemma - DEB vs FLATPAK

Postby sgosnell » 2020-09-12 13:57

Sorry, but that does not give it root access. Most executables are in /usr/bin, which is owned by root, but that does not give them root access.
sgosnell
 
Posts: 781
Joined: 2011-03-14 01:49

Re: Zoom Client Dilemma - DEB vs FLATPAK

Postby Danielsan » 2020-09-12 14:00

sickpig wrote:check the permissions the zoom flatpak has above. What sandboxing has it achieved? You are granting it all the permissions zoom's official .deb would have.

Flatpak only makes sense when you need to install the latest version of something which is not available in stable.


Security in *nix means a software that can not harm your system, if then it can erase your "home" isn't considered a security issue; from a desktop perspective doesn't make really sense, but it is what it is. This can happens with Appimage, Snap, Wine, PPA or any simple linux binary download randomly from internet. While exists a way to change the Flatpak permissions, probably any applications need to write on your user home to store configuration or caching data hence you may not restrict access on your home partition, it is really controversial.

Flatpak is cool, event though someone endorses that is just the gate to introduce proprietary software on Linux, and in combination with Debian stable can be really the key to have update software while you preserve the integrity of your system, you can achieve the same with NIX and Guix as well though. I think that the secret of GNU/Linux are maintainers like this article endorses: http://kmkeen.com/maintainers-matter/

Anyway with the Deb package the system hasn't frozen so far...
User avatar
Danielsan
 
Posts: 598
Joined: 2010-10-10 22:36

Re: Zoom Client Dilemma - DEB vs FLATPAK

Postby Danielsan » 2020-09-12 14:00

sgosnell wrote:Sorry, but that does not give it root access. Most executables are in /usr/bin, which is owned by root, but that does not give them root access.


I am not sorry, I am happy... :D
User avatar
Danielsan
 
Posts: 598
Joined: 2010-10-10 22:36

Re: Zoom Client Dilemma - DEB vs FLATPAK

Postby oswaldkelso » 2020-09-12 14:43

https://my.fsf.org/give-students-userfreedom

https://www.fsf.org/blogs/community/sig ... -classroom

My daughter in-law who doesn't give a shit about free-software and uses an Apple was really impressed with moodle which she uses for her studying.

https://moodle.org/ Software built for teachers and students
Ash init durbatulûk, ash init gimbatul,
Ash init thrakatulûk agh burzum-ishi krimpatul.
User avatar
oswaldkelso
 
Posts: 1269
Joined: 2005-07-26 23:20
Location: UK

Re: Zoom Client Dilemma - DEB vs FLATPAK

Postby sickpig » 2020-09-12 19:52

Danielsan wrote:Unfortunately it has root access.


I disagree.

Clearly you do not know the difference in between being an owner of a file and being able to execute it. You will not be able to run it as root unless there is rule in /usr/share/polkit-1/actions for allowing root to run zoom which is a graphical application.

run /opt/zoom/ZoomLauncher and see what it is running as

Code: Select all
ps aux | grep -i zoom | grep -v grep


You will see it runs as your user NOT as root.
Also you can chown /opt/zoom/ZoomLauncher without the loss of functionality - it takes less than 5 secs.

Danielsan wrote:Security in *nix means a software that can not harm your system, if then it can erase your "home" isn't considered a security issue; from a desktop perspective doesn't make really sense, but it is what it is.


Yes it isn't a security issue it is peback.

Danielsan wrote:Flatpak is cool, event though someone endorses that is just the gate to introduce proprietary software on Linux,


yes definitely cool if you are ok with apps running with missing fonts or being slow to start or being resource inefficient - or as in this case rendering the host system inoperable.

Nix is a viable option - it does consume heaps of more disk space than .deb but does not suffer from other issues which flatpak and snaps have.

Guix - I am not sure, FWIK it does not have systemd so I am not sure how they are going to package something which is dependent on systemd.
User avatar
sickpig
 
Posts: 474
Joined: 2019-01-23 10:34

Re: Zoom Client Dilemma - DEB vs FLATPAK

Postby oswaldkelso » 2020-09-12 23:39

sickpig wrote:Yes it isn't a security issue it is peback.

Danielsan wrote:Flatpak is cool, event though someone endorses that is just the gate to introduce proprietary software on Linux,


Solved by running Amazon Linux. Please feel free to explain!
viewtopic.php?f=3&t=59034&start=1635#p727096

sickpig wrote:Guix - I am not sure, FWIK it does not have systemd so I am not sure how they are going to package something which is dependent on systemd.

I think the way it works is you don't unless upstream is co-operative or you're prepared to maintain the fork

For me that means I use something else that's a bit more unix-like rather than systemd-lockin-like. Heck even Luke Smith who has never been that bothered about inits is freaking :-)
https://libre.video/videos/watch/b57601 ... 14e0889136
Ash init durbatulûk, ash init gimbatul,
Ash init thrakatulûk agh burzum-ishi krimpatul.
User avatar
oswaldkelso
 
Posts: 1269
Joined: 2005-07-26 23:20
Location: UK

Re: Zoom Client Dilemma - DEB vs FLATPAK

Postby sickpig » 2020-09-12 23:50

oswaldkelso wrote:Solved by running Amazon Linux. Please feel free to explain!
viewtopic.php?f=3&t=59034&start=1635#p727096

I don't understand what needs explanation? That thread I understand is about which OSes you run which are not Debian.
I never claimed Ami 2 should be used for security. I just use it for a few containerized apps and sometimes as a DAAS for better internet speed. You can't beat Aws backbone in terms of internet speed and low latency.
User avatar
sickpig
 
Posts: 474
Joined: 2019-01-23 10:34

Re: Zoom Client Dilemma - DEB vs FLATPAK

Postby oswaldkelso » 2020-09-12 23:53

You can't moan about security when running an OS that you have no way of checking if it's secure.
Ash init durbatulûk, ash init gimbatul,
Ash init thrakatulûk agh burzum-ishi krimpatul.
User avatar
oswaldkelso
 
Posts: 1269
Joined: 2005-07-26 23:20
Location: UK

Re: Zoom Client Dilemma - DEB vs FLATPAK

Postby sickpig » 2020-09-13 00:20

oswaldkelso wrote:You can't moan about security when running an OS that you have no way of checking if it's secure.

where did I moan about security? Are you hallucinating? I can very well secure my systems it's not an issue for me.
User avatar
sickpig
 
Posts: 474
Joined: 2019-01-23 10:34

Re: Zoom Client Dilemma - DEB vs FLATPAK

Postby Head_on_a_Stick » 2020-09-14 16:32

I've had success running Zoom in a QEMU/KVM virtual machine with the camera passed through (gnome-boxes has an option for that). The video flickered for one of the sessions but it usually worked flawlessly.
Black Lives Matter

Debian buster-backports ISO image: for new hardware support
User avatar
Head_on_a_Stick
 
Posts: 12488
Joined: 2014-06-01 17:46
Location: /dev/chair

Previous

Return to Desktop & Multimedia

Who is online

Users browsing this forum: DocTomJP and 3 guests

fashionable