I run Debian 13 with MATE. I recently switched from the distro release to the flatpak version of FreeCAD, as the distro release is of course a few versions behind. Bear with me, as I am very new to using Flatpak or anything other than normal apt packages.
I just noticed that FreeCAD announces it is running as super user in the window title bar.
The interesting part is it doesn't ask for privilege escalation with password entry when I launch it.
Seeing as FreeCAD never ran as SU with the distro release installed via apt, and I don't think the program does anything that really needs SU... As much as I trust FreeCAD, this seems like a security hole I'd rather not have.
Is the Flatpak version running inside it's own "box" and it isn't getting SU permissions across my whole system? Or what am I missing here.
Well, but Flatpak also has the rule to not break anything by default.
And they call things like changing filesystem=host to the specific directories (home, run, mnt) "security theatre" and prefer waiting forever for legacy apps to magically fix it