alt Hacker NewsOn Linux, would something like Snap or Flatpak have protected them? It seems nuts that a random executable should have access to the password service.
Replies
Gigachad • yesterday at 10:47 PM
Yes if the flatpak sandboxing is enabled. A flatpak can just request access to anything, the software store thing shows a bunch of scary warnings when they do this but many users probably ignore them.
Ultimately it depends on the exact mechanism here, maybe the tool/README said "Run sudo ./setup-deps" and they followed it, or something similar, not sure any sort of software isolation would have helped at that point.