this post was submitted on 15 Jun 2026
67 points (98.6% liked)
Linux
13986 readers
533 users here now
A community for everything relating to the GNU/Linux operating system (except the memes!)
Also, check out:
Original icon base courtesy of lewing@isc.tamu.edu and The GIMP
founded 3 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
For me, some of the software I use isn't available on the official Arch repos, but they are on the AUR. I prefer the AUR over solutions like Flatpak or AppImages, but I use a mix of them all depending on what I need to install.
Interesting, I prefer Flatpak over the AUR when available, because the AUR seems more susceptible to attacks like this. I don't know the security model of a Flatpak repository, so it's just a feeling so far.
The nice thing about Linux is that it gives you options, so you can decide which you prefer!
True. I just hope I'm right in my way of thinking there, is all. 😅 Maybe someone more knowledgeable than I am could fill me in on wether or not Flatpak is actually a safer option than the AUR (given blindly installing stuff without inspection).
I believe Flatpak is safer than the AUR, as there is comparatively more vetting by third parties (e.g. Flathub). Also, the apps you install are sandboxd, which has upsides in terms of security but may have downsides for certain kinds of app, since permissions for full file access, communication with other apps, etc. are restricted by default.
I like the AUR since it's more "native" than the one-size-fits-all Flatpak, but I use both depending on the use case for that app. Sometimes, one version is out of date, in which case I would prefer Tue other.
This is what I had assumed as well, so thanks for confirming!
Not sure how what you mean by "native" though. Flatpak apps don't run in some kind of virtualization, do they? Or you mean native to the package system?