One of the strongest points of Linux is the package management. In 2025, the world of Linux package management is very varied, with several options available, each with their advantages and trade-offs over the others.
Same. I like it that I can install Librewolf and some other software on Mint from Flathub instead of adding some obscure repositories with commands I don’t even understand.
Be aware librewolf and all firefox based browser have security issues with flatpak because flatpak by forcing seccomp filtering breaks the internal sandbox of the browser:
And you only get that “ease of use” of being able to install it in the software store with one click because your distro did the pain of installing and configuring flatpak for you, otherwise it would have been much worse than what you posted.
And then: appman -i librewolf which will “install” the AppImage and you can also sandbox it with am --sandbox librewolfand this sandbox does not break the internal sandbox of the browser unlike flatpak.
True, but not in a way that SnapPakImage is going to fix.
What about that isn’t “healty”?
You are basically downloading and saving the signing key of docker to the currently recommended place with appropriate permissions, and adding the docker deb-repository, explicitly stating that it should be signed by that particular key.
If you don’t trust docker, don’t add their repo. By the same logic, the Flathub repo is an “obscure repository” too.
Same. I like it that I can install Librewolf and some other software on Mint from Flathub instead of adding some obscure repositories with commands I don’t even understand.
Like with docker, this isn’t healthy:
# Add Docker's official GPG key: sudo apt-get update sudo apt-get install ca-certificates curl sudo install -m 0755 -d /etc/apt/keyrings sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc sudo chmod a+r /etc/apt/keyrings/docker.asc # Add the repository to Apt sources: echo \ "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \ $(. /etc/os-release && echo "${UBUNTU_CODENAME:-$VERSION_CODENAME}") stable" | \ sudo tee /etc/apt/sources.list.d/docker.list > /dev/null sudo apt-get updateSource: https://docs.docker.com/engine/install/ubuntu/
Be aware librewolf and all firefox based browser have security issues with flatpak because flatpak by forcing seccomp filtering breaks the internal sandbox of the browser:
https://librewolf.net/installation/linux/#security
Not to mention the librewolf flatpak is literary the portable tarball they release that works on your distro already, in other words it is the worst way possible to use librewolf.
And you only get that “ease of use” of being able to install it in the software store with one click because your distro did the pain of installing and configuring flatpak for you, otherwise it would have been much worse than what you posted.
Anyways, try using appman instead:
wget -q https://raw.githubusercontent.com/ivan-hc/AM/main/AM-INSTALLER && chmod a+x ./AM-INSTALLER && ./AM-INSTALLERAnd then:
appman -i librewolfwhich will “install” the AppImage and you can also sandbox it witham --sandbox librewolfand this sandbox does not break the internal sandbox of the browser unlike flatpak.You may want to learn the commands and review the repos.
True, but not in a way that SnapPakImage is going to fix.
What about that isn’t “healty”?
You are basically downloading and saving the signing key of docker to the currently recommended place with appropriate permissions, and adding the docker deb-repository, explicitly stating that it should be signed by that particular key.
If you don’t trust docker, don’t add their repo. By the same logic, the Flathub repo is an “obscure repository” too.