this post was submitted on 05 Jul 2024
729 points (94.0% liked)

linuxmemes

21282 readers
1125 users here now

Hint: :q!


Sister communities:


Community rules (click to expand)

1. Follow the site-wide rules

2. Be civil
  • Understand the difference between a joke and an insult.
  • Do not harrass or attack members of the community for any reason.
  • Leave remarks of "peasantry" to the PCMR community. If you dislike an OS/service/application, attack the thing you dislike, not the individuals who use it. Some people may not have a choice.
  • Bigotry will not be tolerated.
  • These rules are somewhat loosened when the subject is a public figure. Still, do not attack their person or incite harrassment.
  • 3. Post Linux-related content
  • Including Unix and BSD.
  • Non-Linux content is acceptable as long as it makes a reference to Linux. For example, the poorly made mockery of sudo in Windows.
  • No porn. Even if you watch it on a Linux machine.
  • 4. No recent reposts
  • Everybody uses Arch btw, can't quit Vim, and wants to interject for a moment. You can stop now.
  •  

    Please report posts and comments that break these rules!


    Important: never execute code or follow advice that you don't understand or can't verify, especially here. The word of the day is credibility. This is a meme community -- even the most helpful comments might just be shitposts that can damage your system. Be aware, be smart, don't fork-bomb your computer.

    founded 1 year ago
    MODERATORS
     
    you are viewing a single comment's thread
    view the rest of the comments
    [–] pennomi@lemmy.world 24 points 4 months ago (2 children)

    I think containerization for security is a damn good reason for virtually all software.

    [–] gaylord_fartmaster@lemmy.world 21 points 4 months ago (1 children)

    Definitely. I'd rather have a "good and specific reason" why your application needs to use my shared libraries or have acess to my entire filesystem by default.

    [–] cadekat@pawb.social 4 points 4 months ago (1 children)

    Using your shared libraries is always a good thing, no? Like your distro's packages should always have the latest security fixes and such, while flatpaks require a separate upgrade path.

    Access to your entire filesystem, however, I agree with you on.

    [–] gaylord_fartmaster@lemmy.world 3 points 4 months ago

    I only use rolling releases on my desktop and have ran into enough issues with apps not working because of changes made in library updates that I'd rather they just include whatever version they're targeting at this point. Sure, that might mean they're using a less secure version, and they're less incentivized to stay on the latest version and fix those issues as they arise, but I'm also not as concerned about the security implications of that because everything is running as my unprivileged user and confined to the flatpak.

    I'd rather have a less secure flatpak then need to downgrade a library to make one app I need work and then have a less secure system overall.

    [–] uis@lemm.ee 3 points 4 months ago

    emerge sec-policy/selinux-*