Security
APM (AppImage Package Manager) is built with a “security-first” mindset, providing a hardened environment for untrusted AppImages.
Automatic Sandboxing
Unlike standard AppImages that run with your full user permissions, APM wraps every application in a Sydbox sandbox. By default, apps have no access to your network, your files, or your hardware.
DNS Verification
For maximum trust, APM supports DNS-based signature verification. If an AppImage is signed, APM fetches the developer’s public key from a TXT record on their domain and checks the signature against that key. This ensures that the binary hasn’t been modified and that it truly originates from the claimed source.
Integrity Checks
Because APM uses a Content-Addressed Store (CAS), it can verify the integrity of any file at any time. If a file in the store is modified, its hash will no longer match its address, and APM will detect the corruption immediately.
The public key used to verify a package is published as a DNS TXT record on the developer’s domain. This ties every package to a verified domain name rather than a centralized account. There is no central authority that can be compromised to push malicious updates. An attacker would need control of both the developer’s signing key and their DNS.
Because trust is rooted in DNS, malicious domains can be blocked at the DNS level, causing signature verification to fail and preventing installation. See DNS verification for details.
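The flow described in the DNS Verification section and in the two paragraphs above, as an added example that is not APM's own code: a constructed resolver stands in for DNS, the developer's public key is read from a TXT record, the signature over the AppImage's hash is checked against it, and a domain blocked at the DNS level makes verification fail closed. The TXT record layout (`v=apm1; k=ed25519; p=<base64 key>`), the `TXTResolver` and `Blocklist` types, the use of Ed25519 and the SHA-256 digest are all assumptions made for this illustration, not APM's documented format.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"errors"
	"fmt"
	"strings"
)

// TXTResolver is a constructed stand-in for DNS: domain -> TXT records.
type TXTResolver map[string][]string

// Blocklist models blocking at the DNS level; a blocked domain yields no records.
type Blocklist map[string]bool

func lookupTXT(r TXTResolver, bl Blocklist, domain string) ([]string, error) {
	if bl[domain] {
		return nil, fmt.Errorf("dns: %s is blocked", domain)
	}
	recs, ok := r[domain]
	if !ok {
		return nil, fmt.Errorf("dns: no TXT records for %s", domain)
	}
	return recs, nil
}

// parseKeyRecord extracts an Ed25519 public key from the assumed record
// layout "v=apm1; k=ed25519; p=<base64 key>".
func parseKeyRecord(rec string) (ed25519.PublicKey, error) {
	fields := map[string]string{}
	for _, part := range strings.Split(rec, ";") {
		kv := strings.SplitN(strings.TrimSpace(part), "=", 2)
		if len(kv) == 2 {
			fields[kv[0]] = kv[1]
		}
	}
	if fields["v"] != "apm1" || fields["k"] != "ed25519" {
		return nil, errors.New("not an apm ed25519 key record")
	}
	raw, err := base64.StdEncoding.DecodeString(fields["p"])
	if err != nil || len(raw) != ed25519.PublicKeySize {
		return nil, errors.New("malformed public key")
	}
	return ed25519.PublicKey(raw), nil
}

// VerifyAppImage checks sig over sha256(appimage) using any key record
// published at the developer's domain. Every DNS failure, including a
// blocked domain, is treated as a verification failure.
func VerifyAppImage(r TXTResolver, bl Blocklist, domain string, appimage, sig []byte) error {
	recs, err := lookupTXT(r, bl, domain)
	if err != nil {
		return err
	}
	digest := sha256.Sum256(appimage)
	for _, rec := range recs {
		pub, err := parseKeyRecord(rec)
		if err != nil {
			continue // unrelated TXT records (SPF, ownership tokens, ...) are skipped
		}
		if ed25519.Verify(pub, digest[:], sig) {
			return nil
		}
	}
	return errors.New("signature does not verify against any published key")
}

// keyRecord formats a public key in the assumed TXT record layout.
func keyRecord(pub ed25519.PublicKey) string {
	return "v=apm1; k=ed25519; p=" + base64.StdEncoding.EncodeToString(pub)
}

// Demo builds a constructed developer key and resolver, then exercises three
// cases: genuine binary, tampered binary, and a domain blocked at DNS level.
func Demo() (goodOK, tamperedOK, blockedOK bool) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	appimage := []byte("constructed AppImage bytes")
	digest := sha256.Sum256(appimage)
	sig := ed25519.Sign(priv, digest[:])

	resolver := TXTResolver{"example.com": {"v=spf1 -all", keyRecord(pub)}}
	goodOK = VerifyAppImage(resolver, Blocklist{}, "example.com", appimage, sig) == nil

	tampered := append([]byte{}, appimage...)
	tampered[0] ^= 0xff
	tamperedOK = VerifyAppImage(resolver, Blocklist{}, "example.com", tampered, sig) == nil

	blockedOK = VerifyAppImage(resolver, Blocklist{"example.com": true}, "example.com", appimage, sig) == nil
	return
}

func main() {
	g, t, b := Demo()
	fmt.Println("genuine:", g, "tampered:", t, "blocked domain:", b)
}
```

Only the signature over the binary's digest is checked here; in practice the resolver step is where DNSSEC or a trusted resolver matters, since a spoofed TXT record would substitute the attacker's key.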
Sandbox
Installed applications run inside a sandbox that restricts access to the host system by default. Developers declare the permissions they need in manifest.json, such as network, filesystem paths, GPU, and audio. APM enforces these declarations at runtime, so an application cannot access resources it did not request. Users can review the requested permissions before installing.
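A deny-by-default permission check of the kind the Sandbox sections describe, as an added example that is not APM's or Sydbox's code: the manifest is parsed, declarations become a policy, and every undeclared resource is refused. The manifest.json schema shown (`permissions` with `network`, `filesystem`, `gpu`, `audio`) and the `Policy` type are assumptions for this illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
	"path/filepath"
	"strings"
)

// Permissions mirrors the declaration kinds the page names (network,
// filesystem paths, GPU, audio). The field names are an assumed schema.
type Permissions struct {
	Network    bool     `json:"network"`
	Filesystem []string `json:"filesystem"`
	GPU        bool     `json:"gpu"`
	Audio      bool     `json:"audio"`
}

type Manifest struct {
	Name        string      `json:"name"`
	Permissions Permissions `json:"permissions"`
}

// Policy is the runtime view: anything not declared stays denied.
type Policy struct {
	allowNet, allowGPU, allowAudio bool
	allowedPaths                   []string
}

func ParseManifest(data []byte) (*Manifest, error) {
	var m Manifest
	if err := json.Unmarshal(data, &m); err != nil {
		return nil, err
	}
	return &m, nil
}

// PolicyFrom turns declarations into a policy; declared paths are cleaned so
// that later prefix checks compare canonical forms.
func PolicyFrom(m *Manifest) Policy {
	p := Policy{allowNet: m.Permissions.Network, allowGPU: m.Permissions.GPU, allowAudio: m.Permissions.Audio}
	for _, path := range m.Permissions.Filesystem {
		p.allowedPaths = append(p.allowedPaths, filepath.Clean(path))
	}
	return p
}

// AllowPath answers a filesystem access request: only the declared root or
// paths below it pass. Cleaning the request first resolves "../" segments,
// so a request that leaves the declared directory is compared in its real form.
func (p Policy) AllowPath(req string) bool {
	req = filepath.Clean(req)
	for _, root := range p.allowedPaths {
		if req == root || strings.HasPrefix(req, root+string(filepath.Separator)) {
			return true
		}
	}
	return false
}

func (p Policy) AllowNetwork() bool { return p.allowNet }
func (p Policy) AllowGPU() bool     { return p.allowGPU }
func (p Policy) AllowAudio() bool   { return p.allowAudio }

// sampleManifest is a constructed manifest for an app that declares only its
// music directory and audio output.
const sampleManifest = `{
  "name": "example-player",
  "permissions": {
    "network": false,
    "filesystem": ["/home/user/Music"],
    "gpu": false,
    "audio": true
  }
}`

func main() {
	m, err := ParseManifest([]byte(sampleManifest))
	if err != nil {
		panic(err)
	}
	p := PolicyFrom(m)
	fmt.Println("network:", p.AllowNetwork())
	fmt.Println("declared dir:", p.AllowPath("/home/user/Music/song.flac"))
	fmt.Println("undeclared dir:", p.AllowPath("/home/user/Documents/notes.txt"))
	fmt.Println("escape via ..:", p.AllowPath("/home/user/Music/../Documents/notes.txt"))
}
```

The prefix check appends the path separator before comparing, so a declared `/home/user/Music` does not accidentally grant `/home/user/Musical`; the same policy object is what a user-facing "review permissions before install" step would render.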
Content-addressed store
Files are stored by their content hash in a shared store. This means APM can verify the integrity of every file on disk at any time by recomputing its hash. If a file has been tampered with, the hash will not match and APM will flag it. The same mechanism prevents a corrupted download from being silently installed.
Update integrity
When performing delta updates via HTTP range requests, APM verifies each downloaded entry against the signed package before applying it. A partial download cannot introduce unsigned content. If verification fails, APM discards the partial update and falls back to a full download.
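One added example serving the Integrity Checks, Content-addressed store and Update integrity sections together; it is not APM's code. An in-memory store addresses each blob by its hash and re-verifies the whole store on demand, and a delta update admits each fetched entry only if its hash matches the signed package manifest, discarding the entire partial update and signalling a full-download fallback on the first mismatch. SHA-256 as the address function, the `Entry` manifest shape and the in-memory `Store` are assumptions; the manifest is taken as already signature-verified.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// Store is a constructed in-memory content-addressed store: a blob's address
// is the hex SHA-256 of its bytes (the hash APM uses is not stated on the page).
type Store struct{ blobs map[string][]byte }

func NewStore() *Store { return &Store{blobs: map[string][]byte{}} }

func Address(data []byte) string {
	sum := sha256.Sum256(data)
	return hex.EncodeToString(sum[:])
}

// Put stores data under its own hash and returns the address.
func (s *Store) Put(data []byte) string {
	addr := Address(data)
	s.blobs[addr] = append([]byte(nil), data...)
	return addr
}

// Verify recomputes the hash of every blob and returns the addresses whose
// contents no longer match, i.e. files modified after they were stored.
func (s *Store) Verify() []string {
	var bad []string
	for addr, data := range s.blobs {
		if Address(data) != addr {
			bad = append(bad, addr)
		}
	}
	return bad
}

// Tamper simulates on-disk corruption of a stored blob (demo only).
func (s *Store) Tamper(addr string) {
	if b, ok := s.blobs[addr]; ok && len(b) > 0 {
		b[0] ^= 0x01
	}
}

// Entry is one file of a package as listed in its signed manifest. Its Addr is
// the trusted expectation for the bytes fetched for that file.
type Entry struct {
	Path string
	Addr string
}

// ApplyDelta takes the bytes fetched per entry (as HTTP range requests would
// deliver them) and admits them only if every entry matches the signed hash.
// On any mismatch nothing is committed and fallback=true tells the caller to
// perform a full download instead.
func (s *Store) ApplyDelta(manifest []Entry, fetched map[string][]byte) (fallback bool, err error) {
	staged := make([][]byte, 0, len(manifest))
	for _, e := range manifest {
		data, ok := fetched[e.Path]
		if !ok {
			return true, fmt.Errorf("entry %s missing from partial download", e.Path)
		}
		if Address(data) != e.Addr {
			return true, fmt.Errorf("entry %s does not match signed hash; discarding partial update", e.Path)
		}
		staged = append(staged, data)
	}
	for _, data := range staged { // all entries verified: commit together
		s.Put(data)
	}
	return false, nil
}

// Demo exercises tamper detection, a clean delta update, and a delta update
// carrying one entry whose bytes do not match the signed manifest.
func Demo() (tamperDetected, goodApplied, badFallback bool) {
	s := NewStore()
	addr := s.Put([]byte("original file contents"))
	s.Tamper(addr)
	tamperDetected = len(s.Verify()) == 1

	newBin, newLib := []byte("app binary v2"), []byte("helper lib v2")
	manifest := []Entry{{"bin/app", Address(newBin)}, {"lib/helper.so", Address(newLib)}}

	clean := NewStore()
	fb, err := clean.ApplyDelta(manifest, map[string][]byte{"bin/app": newBin, "lib/helper.so": newLib})
	goodApplied = !fb && err == nil && len(clean.blobs) == 2

	dirty := NewStore()
	fb, err = dirty.ApplyDelta(manifest, map[string][]byte{"bin/app": newBin, "lib/helper.so": []byte("unsigned bytes")})
	badFallback = fb && err != nil && len(dirty.blobs) == 0
	return
}

func main() {
	td, ga, bf := Demo()
	fmt.Println("tamper detected:", td, "clean delta applied:", ga, "bad delta fell back:", bf)
}
```

Staging before committing is what makes the guarantee hold: a good entry that arrived before the bad one never reaches the store, so a partial download cannot leave unsigned content behind.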