Are AppImages a generel security risk?

TheDoc:

It’s best to avoid them so I’d recommend reporting any bugs you find with the Flatpak to Cryptomator

But I need to get the job done and can’t wait till they someday patch the bug

TheDoc:

In the meantime it might be better to install it from one of the repositories they endorse (PPA, AUR, Nix) if any of those apply to you.

PPA seems like its an Ubuntu thing?

The other two are specific to distro’s I don’t use.

TheDoc:

you could mess with Distrobox

Isn’t this to much overhead?

anonymous595:

It is not “security nightmare” but it acts as raw BIN, so it can abuse rights because of lack of sandbox and it is still “no trust = do not run” approach.

seize:

I believe much of the security concern brought up by @Kabo are around appimage reliance on the outdated and unmaintained fuse2 library, and not sandboxing concerns .

Yes, although I prefer Flatpak mostly because of sandboxing, in the case of Cryptomator, it needs very strong permissions that allow sandbox escape anyway.

So I wonder, is AppImage a security risk, even if you assume that the dev’s are not malicous?