Raven (she/her/it) 
i just want to be able to use Signal directly in my browser and not run an electron app, sheesh
Maxx (she/her)@sparklepanic whats wrong with it using electron?
Flatpak Electron App Throws Error With `libhardened_malloc.so` · Issue #193 · secureblue/secureblue
I have tested several flatpak electron apps, including Signal, Slack, Freetube, all of them seems to give the following error: ERROR: ld.so: object '/var/run/host/usr/lib64/libhardened_malloc.so' f...
@sparklepanic hmm ill admit theres more security vulnerabilities in electron than an up to date chromium instance, but i think these guys are blowing things out of proportion a bit. and im not totally parsing the full discussion, but a lot of that seems specific to that os?
@JezebelTheApocryphal afaik it applies to all electron-based apps, and imo we should be working toward security-by-default
@sparklepanic i mean the hardened_malloc discourse, thats os-specific. and then they get in the weeds about which other os-specific rendering engine is better? electron apps have built-in vulnernabilities ofc since theyre shipped with a certain version and only have opt-in security updates (if the devs release any at all). but that's not like some electron-exclusive issue, thats an issue with any distributed app
@JezebelTheApocryphal if by OS u mean "linux" sure (as hardened_malloc can be used in practically any distro)
and yes, in the thread they are talking about specific technologies but the point that electron-apps suck at being secure should still be fair game here
also the ux of electron apps isn't the greatest and tools like signal would be better off being able to be launched in the browser (they could make it only compatible with a recently patched browser for instance)
check this out! cool stuff
On traditional Linux-based operating systems, hardened_malloc can either be integrated into the libc implementation as a replacement for the standard malloc implementation or loaded as a dynamic library.
https://github.com/GrapheneOS/hardened_malloc?tab=readme-ov-file#os-integration
GitHub - GrapheneOS/hardened_malloc: Hardened allocator designed for modern systems. It has integration into Android's Bionic libc and can be used externally with musl and glibc as a dynamic library for use on other Linux-based platforms. It will gain more portability/integration over time.
Hardened allocator designed for modern systems. It has integration into Android's Bionic libc and can be used externally with musl and glibc as a dynamic library for use on other Linux-based pl...