this post was submitted on 04 Jun 2024
274 points (98.9% liked)

Linux

48234 readers
518 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 2 points 5 months ago (1 children)

This assumes that distro packages would be more secure. Which are not "verified" most of the time, by design. And which are installed to the system, can do whatever they want.

A system package can edit /etc, autostart itself, write to all your devices and /home.

Flatpaks MAY do that, but these will have an "insecure" rating on Flathub. And they can still not write a lot of areas, for example other Flatpaks internal storage, even if they have home permission.

[–] [email protected] 1 points 5 months ago (1 children)

A system package can edit /etc, autostart itself, write to all your devices and /home.

Distro packages are not inherently more secure, but they are all controlled and packaged by the team who manages your operating system. So you trust them fully. Which you cant for arbitrary packages from Flatpak, similar to arbitrary packages from Google playstore on Android. That's why those "unmanaged" Flatpaks need such a rights system. I'm not saying one is better than the other, just that you can't limit the security value by just what the app is allowed to do (in my opinion).

[–] [email protected] 2 points 5 months ago

Linux mint and Ubuntu both add the "universe" repo by default. That repo is basically community grade, and even used for official flavors which tells a lot about their reliability.

Same with Fedora. Everything outside of Workstation or the KDE Spin needs to be checked for maintenance carefully. There is lots of abandonware.

With Flatpak on the other hand too, and you can still use it as it can just use EOL runtimes even on a rolling distro...