Website: warn users not to use the Flatpak

btw a “security” tag is missing

The Flatpak is insecure. It uses zypak which force-replaces the Chromium usernamespaces sandbox, as otherwise Brave doesnt work when isolated with Bubblewrap and Flatpaks specific isolation requirements.

A good solution would be to have Browsers be less sandboxed. You can run Firefox isolated with bubblewrap and still have its sandboxing, so this should work too for Brave.

This will require

  • official Flatpak
  • work with Flatpak/Flathub to support a custom bubblewrap seccomp filter (as far as I understood this)

As long as this is not supported, please give a BIG warning that the Flatpak is insecure! Only the Chromium Flatpak seems to be patched, and even that is probably less secure than the native version.

Currently Flatpak is just mentioned on the Website under “unofficial” as " Brave is available as a Flatpak package from Flathub." which does not warn at all

This topic was automatically closed after 30 days. New replies are no longer allowed.