Hi there,
I am just wondering if I could get any insights into the recommended way to install software which is not found in the fedora repos.
Is there any clear way to harden the security and disable permissions on applications in Fedora?
I am wondering as with an app I am wanting to install scrcpy it provides no clear way to sandbox it with the copr repo version.
It is a screen sharing app which could pose a security threat potentially
I have been told to be wary of apps in the copr repo and I have the alternative to install via flatpak (which I can sandbox and harden with flatseal - i.e disable perminssions) though it requires a lot of dependencies,
What would be ideal from a security standpoint? copr version or flatpak version
[isaiah@fedora ~]$ sudo dnf copr enable zeno/scrcpy
[sudo] password for isaiah:
Enabling a Copr repository. Please note that this repository is not part
of the main distribution, and quality may vary.
The Fedora Project does not exercise any power over the contents of
this repository beyond the rules outlined in the Copr FAQ at
<https://docs.pagure.org/copr.copr/user_documentation.html#what-i-can-build-in-copr>,
and packages are not held to any quality or security level.
Please do not file bug reports about these packages in Fedora
Bugzilla. In case of problems, contact the owner of this repository.
Do you really want to enable copr.fedorainfracloud.org/zeno/scrcpy? [Y/n]:
[root@fedora isaiah]# flatpak install scrcpy
Looking for matchesâŚ
Found ref âapp/in.srev.guiscrcpy/x86_64/stableâ in remote âflathubâ (system).
Use this ref? [Y/n]: y
Required runtime for in.srev.guiscrcpy/x86_64/stable (runtime/org.kde.Platform/x86_64/5.15-21.08) found in remote flathub
Do you want to install it? [Y/n]: y
in.srev.guiscrcpy permissions:
ipc network wayland x11
devices file access [1] dbus access [2]
[1] xdg-config/kdeglobals:ro
[2] com.canonical.AppMenu.Registrar, org.kde.KGlobalSettings,
org.kde.kconfig.notify
ID Branch Op Remote Download
-
org.kde.KStyle.Adwaita 5.15-21.08 i flathub < 6.6 MB
-
org.kde.Platform.Locale 5.15-21.08 i flathub < 345.9 MB (partial)
-
org.kde.Platform 5.15-21.08 i flathub < 310.9 MB
-
in.srev.guiscrcpy stable i flathub < 19.5 MB
Proceed with these changes to the system installation? [Y/n]: