157

Flatpak is not perfect, but it's getting better (thelibre.news)

submitted 1 week ago by Pro@programming.dev to c/linux@programming.dev

42 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[-] Kazumara@discuss.tchncs.de 8 points 1 week ago

Best to do both, really, so a record of using a consistent public key is created.

Then supply chain attacks might be noticed. If someone manages to replace the file on the webserver but can't get to the signing key you've prevented the attack.

permalink
fedilink
source
parent

this post was submitted on 02 Jun 2025

157 points (100.0% liked)

Linux

7853 readers

243 users here now

A community for everything relating to the GNU/Linux operating system

Also check out:

!linux_memes@programming.dev
!linuxphones@lemmy.ca

Original icon base courtesy of lewing@isc.tamu.edu and The GIMP

founded 2 years ago

MODERATORS

Ategon@programming.dev

anzo@programming.dev

dwraf_of_ignorance@programming.dev