Mozilla announced today in a blog post that it is now offering an RPM package of the Firefox open-source web browser for RPM-based GNU/Linux distributions, with an initial focus on the Firefox Nightly releases.
Mozilla already provided a DEB binary package for Debian-based systems, so they’re now offering the same native package installation of Firefox for RPM-based systems, making it a lot easier for users of RPM-based distributions to update their Firefox installations to the latest version on the day of the release.
Using the RPM package over the official binary package offers some benefits, such as better performance due to advanced compiler-based optimizations, hardened binaries with all security flags enabled, access to the latest Firefox releases as fast as possible, and you won’t have to create your own .desktop file anymore
Is this because everything runs as root inside Flatpak? Wouldn’t it be possible to run as non-root inside Flatpak?
No, nothing runs as root in a Flatpak. The problem is that Flatpak stops apps from using unprivileged user namespaces, which is used by all modern browsers to isolate web contents. Because the browser (Firefox) can’t use namespaces, a malicious website can use a single exploit instead of needing to chain two separate exploits, making it significantly more likely to break the sandbox.
Ah interesting. I was thinking of this post
https://lemmy.dbzer0.com/post/61124103