Is running Windows applications in Bottles (Flatpak) safe?


I’m using Fedora 37 GNOME as my main OS.

I’m not using Wine because of safety reasons. (I use a Windows VM instead)

But now I heard about Bottles (available as Flatpak). I wonder, if running an application in Bottles is safe? Could malware, that is accidentaly running in a “bottle” harm the Linux System? Steal something (e.g. a photo or something written in LibreOffice Writer,…) out of an other running (Linux-)application? (I’m using Xorg)

Is there another security problem, that I didn’t consider?

Thank you very much in advance!

No experience with or insight to Bottles, but generally it all depends on the permissions “Bottles” has. flatpaks are not all confined. I guess it would be good to install Flatseal and Bottles from flathub and study the permissions that Bottles is setting. Anything that the flatpak “Bottles” is allowed to read write, the potential malware can read/write as well.

It all depends on the permissions Bottles is setting. If it comes with filesystem=host, filesystem=home or device=all, there is limited sandboxing…

It would be better to say that there is a limited sandboxing (filesystem is not the only thing that is sandboxed).
And for sure not less than using an application installed through RPM or from sources.

1 Like

agreed, let me edit my post.

Thanks for the answers!

So if I only give access to a specific folder in Flatseal, the Windows application is sandboxed properly and can do no harm to my Fedora 37 system?