Installing a random (nasty?) .deb can be dangerous because it will grant all privilege to the apps and daemon installed because the .deb has some configs asking to applied if the user valid his password at the installation process.
Click package doesn't need a password (as far I have tested).
Will click package be safer to the system/userdata or will it be the same? why?
Some aspects that would be great to be answered:
- are click and deb based on the same system (dpkg)?
- can apparmor provide a root access to apps without password or something?
- will the user be prompted to accept the access rights of the apps when installing (android-like example: this apps will be able to scan your /home and access network) or on the run at the need of a right (browser-like example asking the right to use the cam)?
- close to this question: does .apk and click will word the same (about policies and user story)?
- mainly: can an app send all my private data on the network with click without let me know it explicitly or will it have at least the right validated by users to do so or will it be blocked in a sandbox anyway?
- It is true to say: click package are less powerful (restrict more things), but more safer?