With all the supply chain attacks in the Linux ecosystem, isn’t the natural solution to move to full application sandboxing?
Flatpacking is great but not all applications support it.
Is it too much of a hassle?
With all the supply chain attacks in the Linux ecosystem, isn’t the natural solution to move to full application sandboxing?
Flatpacking is great but not all applications support it.
Is it too much of a hassle?
I adore Qubes!
Until a new version of Fedora gets EOLed. Or Qubes itself.
Setting up ALL of those distros every 3-6 months is a pain in the dick even when nothing goes wrong. And something always goes wrong with enough complexity.
You know you can do in-place upgrades. I never faced any issues despite the warnings on the doc. Though I always try to do the in-place upgrade on a template clone first to see what I’m in store for. Like sometimes tmpfs needs to be increased…
Yeah, that doesn’t always work well. And let me be clear - the AUR isn’t the only place NPM is creeping in as an unneeded dependency.