(lwn.net)

306 points dxs | 1 comments | 22 May 25 23:51 UTC | HN request time: 0.224s | source

Show context

conradev ◴[23 May 25 00:44 UTC] No.44068680[source]▶

The permissions issues are real.

It still isn't possible to package Tailscale or anything that creates a virtual interface as a Flatpak because there is no permission for that. macOS has an API to ask for permissions to add an interface/change routes.

replies(5): >>44068857 #>>44069176 #>>44069413 #>>44069472 #>>44071203 #

1. ChocolateGod ◴[23 May 25 09:04 UTC] No.44071203[source]▶

>>44068680 #

> It still isn't possible to package Tailscale or anything that creates a virtual interface as a Flatpak because there is no permission for that.

It's possible but not ideal. The application could use flatpak-spawn (to get out the sandbox) and then polkit-exec (to ask user for root perms for arbitrary use) to get root privileges on the host, but you're removing nearly all sandboxing.

↑

The Future of Flatpak