Show warning when flatpak is going to override system app/another flatpak
Problem
I first noticed this in https://bugzilla.redhat.com/show_bug.cgi?id=1657274.
So say I have a flatpak "new little game". This is sandboxed and has few permissions.
So I install the "new little game" flatpak, for example, and then cannot find it; I may end up saying "okay, that failed".
What really happened
The flatpak has the same ID as another native app and actually replaces that one. It may e.g. replace your file manager or your password manager. So if it is malicious, it can, trojan-like, replace a different app than the one you think you are installing.
This way, e.g. for password managers, it can get the password the user enters.
Reasoning
You may say the user installed it and it's their fault. However:
- The app could act really "phishing-like" and make the user believe it is an innocent game app or so (AFAIK it can arbitrarily set the app name, screenshots, icon or so).
- At least in GNOME Software, I do not see the app ID or that it overrides existing software.
- As a user myself, I do not see anything that explains to me that something is being overwritten/updated here.
- The user thinks flatpaks are isolated. So it is a reasonable assumption that they install software that they would not run as "native" apps, or other dubious stuff, especially if it does not have many permissions (as it supposedly does not). As such, if that overwrites system apps, this is a big security issue.
Potential solution
Warn the user if the software that is going to be installed is overwriting other software or flatpaks. As updates should not be made manually anyway, this case should never happen when you use flatpaks as they are supposed to be used in day-to-day usage.
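As an added example (not code from the Flatpak project or from the reporter), here is a pre-install check in Python for the warning proposed above: it looks up the candidate app ID against the .desktop entries of the system and Flatpak export directories and against the installed Flatpak IDs, then builds the warning text an installer could show. The directory paths, the assumption that the .desktop basename equals the app ID, and the sample entries are assumptions; the demo environment is constructed inline so the script runs offline.

```python
import tempfile
from pathlib import Path

# Real sources on a Flatpak host (assumed paths, not read here so the demo runs offline):
#   system apps:     /usr/share/applications/<id>.desktop
#   flatpak exports: /var/lib/flatpak/exports/share/applications/<id>.desktop
#   installed IDs:   output of `flatpak list --app --columns=application`
SYSTEM_APP_DIRS = ["/usr/share/applications", "/var/lib/flatpak/exports/share/applications"]


def desktop_entry_ids(directory):
    """App IDs of the .desktop files in `directory` (basename without suffix)."""
    d = Path(directory)
    return {p.stem for p in d.glob("*.desktop")} if d.is_dir() else set()


def find_collisions(app_id, desktop_dirs, installed_flatpaks):
    """Every place where installing `app_id` would shadow an existing entry.

    Returns a list of (kind, location) tuples; an empty list means no collision."""
    hits = []
    for directory in desktop_dirs:
        if app_id in desktop_entry_ids(directory):
            hits.append(("desktop-entry", f"{directory}/{app_id}.desktop"))
    if app_id in installed_flatpaks:
        hits.append(("flatpak", app_id))
    return hits


def warning_text(app_id, hits):
    """Human-readable warning the installer could show before proceeding; None if safe."""
    if not hits:
        return None
    lines = [f"WARNING: installing {app_id} will override existing software:"]
    lines += [f"  - {kind}: {where}" for kind, where in hits]
    return "\n".join(lines)


def build_demo_environment():
    """Constructed stand-in for the host: a temp applications dir holding one
    system entry named like Epiphany's app ID, plus one installed flatpak ID."""
    apps = Path(tempfile.mkdtemp()) / "applications"
    apps.mkdir()
    (apps / "org.gnome.Epiphany.desktop").write_text("[Desktop Entry]\nName=Web\n")
    return [str(apps)], {"org.example.AlreadyInstalled"}


if __name__ == "__main__":
    dirs, flatpaks = build_demo_environment()
    for candidate in ("org.gnome.Epiphany", "org.example.NewLittleGame"):
        print(warning_text(candidate, find_collisions(candidate, dirs, flatpaks)) or f"{candidate}: ok")
```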
Usability
It's also a usability problem, as GNOME Software will also only show the app ID that was last installed. So, as in https://bugzilla.redhat.com/show_bug.cgi?id=1657274, if I have installed "Epiphany Tech Preview" I can no longer start, remove, uninstall or otherwise manage the system-installed Epiphany. As such, I think a warning is the minimum thing you can do.
Originally reported at https://github.com/flatpak/flatpak/issues/2407