Hello bazzite community,
I have read that BazziteOS is a secure operating system. However, one thing is still unclear to me. BazziteOS mainly uses flatpaks. Unfortunately, most flatpaks are from unverified sources such as the Steam Launcher. Personally, I would prefer to only get flatpaks from verified publishers like Firefox. Now you have a secure operating system with pre-installed applications whose publishers are not verified. Can you enlighten me?
If you familiar with Flathub, you will not care about it.
I see. Unfortunately, I can’t draw any helpful conclusions from your answer.
Have you tried using Flatseal to manage your flatpak apps? I know it’s not a direct answer to your question, but it does touch on it and may address your concerns.
Thanks for the tip Harold. Can I use Flatseal to determine the origin or source of the Flatpaks?
That I don’t know. I use it for permission control mostly.
Bazzite doesn’t use Flatpak Steam, but regardless an unverified source just means someone else is maintaining the format, which is Flatpak, just like a distro package maintainer also packages and maintains their software for their package manager.
This isn’t really a big deal since the Flatpak manifest is still open source:
Example: Spotify example since it’s a Flatpak that isn’t maintained by Spotify themselves
But still a helpful application to control everything. I will take a closer look. Thank you!
Oh, now I understand. Anyone can upload their Flatpak to Flathub. But if you are not the official publisher, you don’t get the “Verified” sign. And as you say, because it’s opensource, you can read the source code via the manifest which is open. Since Steam is not installed as a flatpak, I assume that it was rolled out via the official way, i.e. deb. Packages, was rolled out?
the shim is preinstalled which installs the fedira rpm package on bazzite