linuxmemes

21009 readers

422 users here now

Hint: :q!

Sister communities:

LemmyMemes: Memes
LemmyShitpost: Anything and everything goes.
RISA: Star Trek memes and shitposts

Community rules (click to expand)

1. Follow the site-wide rules

Instance-wide TOS: https://legal.lemmy.world/tos/
Lemmy code of conduct: https://join-lemmy.org/docs/code_of_conduct.html

2. Be civil

Understand the difference between a joke and an insult.

Do not harrass or attack members of the community for any reason.

Leave remarks of "peasantry" to the PCMR community. If you dislike an OS/service/application, attack the thing you dislike, not the individuals who use it. Some people may not have a choice.

Bigotry will not be tolerated.

These rules are somewhat loosened when the subject is a public figure. Still, do not attack their person or incite harrassment.

3. Post Linux-related content

Including Unix and BSD.

Non-Linux content is acceptable as long as it makes a reference to Linux. For example, the poorly made mockery of sudo in Windows.

No porn. Even if you watch it on a Linux machine.

4. No recent reposts

Everybody uses Arch btw, can't quit Vim, and wants to interject for a moment. You can stop now.

Please report posts and comments that break these rules!

founded 1 year ago

MODERATORS

[email protected]

344

Principal Skinner on Immutable Distros (infosec.pub)

submitted 2 months ago by [email protected] to c/[email protected]

35 comments fedilink hide all child comments

cross-posted from: https://infosec.pub/post/15781466

Am I out of touch?

No, it's the forward-thinking generation of software engineers that want elegant, reliable, declarative systems that are wrong.

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 8 points 2 months ago (1 children)

And since we're on the topic, if we're borrowing things from Android I would love to have the application sandboxing and permissions. I think they'd be a much bigger benefit – to all distros, immutable or not.

Flatpaks and Wayland should fill out this part nicely.

[–] [email protected] 2 points 2 months ago* (last edited 2 months ago)

This often means unofficial builds that aren't from the developer that sometimes have sandbox specific issues the devs didn't contemplate because they don't actually do flatpaks. If someday the random bob who is neither the original developer nor some trusted individual connected to the distro is hacked they may push out a malware enabled update that pwns all the people who automatically update in short order. This doesn't seem like a security increasing feature.