probonopd edited this page Feb 27, 2016 · 2 revisions


Isn't this the same as static linking?

No. Static linking allows an application to run without dynamic libraries, but AppImages can also cover additional components like icons, translations, documentation, images, etc.

Isn't this insecure?

To quote Linus Torvalds,"The whole 'omg, the sky is falling' security argument is bogus".

Unlike distribution-provided packages, AppImages are meant to be upstream-provided, which means that you get the software exactly in the way the original author(s) intended. This also implies that it is the original author(s) responsibility to provide updates and fix security issues, exactly like for Windows and OS X applications. If you do not trust the upstream author(s) of an appplication, then you better should not use it at all.

Also, Unlike traditional packages which need root rights to be installed and can have their own non-trivial security issues, AppImages can be downloaded and run without root rights.

That being said, sandboxing techniques could potentially be used to further improve security.

Isn't it better to just use what comes with the distribution?

It depends. For base OS components, it is recommended to use what comes with the distribution. But if you want to run bleeding-edge applications on top of a stable base OS, or if you want to distribute an app to users of most desktop Linux distributions, then AppImages might be interesting for you. Windows and OS X are successful on the desktop because they make it easy to run 3rd party applications on top of the base OS platform, rather than trying to make all of them part of the platform.

Hasn't this been solved before?

Yes. Especially on other platforms like NeXTStep and OS X. There are also other similar efforts for Linux but few that are simple, distribution and desktop environment agnostic, and working today. To quote Linus Torvalds, "no, it's not a new problem, and yes, others have done similar things before (and are doing similar things right now). But it's still nice to see a project like this that fixes a problem that is very real."