Hi, I’m trying to add authentication for my Flatpak app.
Some items in the app are “protected,” and I only want users to be able to interact with them after entering their system password. I don’t want to build a password system inside the app; I want to rely on Linux’s native authentication.
The only way I found so far is using pkexec or the sudo/unix_chkpwd method. However, the pkexec approach requires --talk-name=org.freedesktop.Flatpak, which seems excessive, and the sudo/unix_chkpwd method still relies on flatpak-spawn --host and therefore still needs --talk-name=org.freedesktop.Flatpak.
I’m looking for a safe, standard way for a Flatpak app to verify the user via system authentication for these protected actions, without exposing the password or bypassing the sandbox. Any advice?
Just to note: You’re opening a massive, and I mean massive security hole with this. Because you essentially attempt to run whatever is behind the pkexec or sudo with root permissions. You should not use these commands unless you really, really need to work on the system itself (but even then you try to minimize use of this).
To put it simply: There is none.
Linux has its systems for elevated system access, like sudo or Polkit. But these are explicitly for when you need to do something outside of the scope of normal user activities.
If an app needs to “protect” parts of it as in an access control, this is the responsibility of the app itself to implement.
If you need to securely store some data, you can use the Secrets portal via libsecret. If you need user authentication for certain data, let the user create a password for them and store that with the mentioned Secrets portal.
And if you find it hard to justify the user having to create a new password to access the “protected” parts of your app, then your app maybe doesn’t need that protection necessarily…
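The approach suggested in the answer above (an app-level password kept through libsecret), sketched as an added example that is not part of the original thread. It goes one step beyond the answer by storing a salted scrypt verifier instead of the password itself; the app ID, attribute name, label and the `MemoryStore` stand-in are assumptions made for illustration.

```python
import base64, hashlib, hmac, os

SCHEMA_NAME = "org.example.ProtectedApp"   # hypothetical app ID
ATTRS = {"purpose": "unlock-verifier"}     # hypothetical lookup attribute

class MemoryStore:
    """Constructed stand-in so the logic runs without a keyring."""
    def __init__(self):
        self._value = None
    def save(self, value):
        self._value = value
    def load(self):
        return self._value

class LibsecretStore:
    """Keeps the verifier in the user's keyring through libsecret (PyGObject)."""
    def __init__(self):
        import gi
        gi.require_version("Secret", "1")
        from gi.repository import Secret
        self._secret = Secret
        self._schema = Secret.Schema.new(
            SCHEMA_NAME, Secret.SchemaFlags.NONE,
            {"purpose": Secret.SchemaAttributeType.STRING})
    def save(self, value):
        self._secret.password_store_sync(
            self._schema, ATTRS, self._secret.COLLECTION_DEFAULT,
            "App unlock verifier", value, None)
    def load(self):
        return self._secret.password_lookup_sync(self._schema, ATTRS, None)

def _derive(password, salt):
    # Memory-hard KDF so a leaked verifier is expensive to brute-force.
    return hashlib.scrypt(password.encode(), salt=salt, n=2**14, r=8, p=1, dklen=32)

def set_password(store, password):
    salt = os.urandom(16)
    record = salt + _derive(password, salt)
    store.save(base64.b64encode(record).decode())

def verify_password(store, attempt):
    encoded = store.load()
    if encoded is None:          # nothing enrolled yet: fail closed
        return False
    record = base64.b64decode(encoded)
    salt, expected = record[:16], record[16:]
    # Constant-time comparison avoids leaking how many bytes matched.
    return hmac.compare_digest(_derive(attempt, salt), expected)
```

In the app, pass a `LibsecretStore()` instead of `MemoryStore()`; the check only gates the app's own UI and grants no system privileges.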
The last release (and the last activity on the project) appears to be three years ago, and the PR list clearly indicates that it is out of maintenance.