I read the original mastodon post by the developer of run0 and I am still don’t understand what the problem with SUID is.
Whats an example of an attack that would work with sudo and doas (which also uses SUID) and not on run0?
I read the original mastodon post by the developer of run0 and I am still don’t understand what the problem with SUID is.
Whats an example of an attack that would work with sudo and doas (which also uses SUID) and not on run0?
This is a good step but I still feel like it’s pretty obscure where a package is actually coming from. “by Google” or for the Steam package “by Valve” is really confusing and makes it sounds like it’s coming directly from the company. Unverified tells the user to pay attention but there is no hover over to say what it actually means.
I haven’t played a lot of Divinity but I will say the DnD character creator is much more interesting to me then the skill system in Divinity. I don’t know if Divinity’s skill systems gets better as it goes, but BG3 starts out with a lot of really interesting classes and choices.
I used to use Fluxbox back in the day, what’s the modern equivalent?
Yeah going to mine as well. I am both excited and a little scared. Some folks have reports some serious issues when upgrading so let’s hope the Tumbleweed folks sit on this until they feel it’s ready for general availability.
You know, I am fine with it. One of the reasons I am using Tumbleweed is for the additional testing they do, so if they aren’t cool with shipping it yet I can wait.
I saw, very exciting!
Man I really want to see that VRR patch merged in, even if it still takes a flag to turn on.
With KDE having VRR and now HDR it feels like the choice you have to make if you are gaming on Linux. I prefer Gnome generally so I would like to see them catch up.
Everyone seems shocked when Arch breaks but it’s been my experience with Arch as well. Literally on an old laptop I was basically using for web browsing I had Arch break several times randomly after updates. That was enough for me to give up on it.
Accusing the poster of astroturfing is extremely toxic and warrants revision on your part.
I liked Unity - they were doing so much customization to Gnome that it made sense for them to have their own DE.
Why would you ever think it was a meme distro? Red Hat has been around forever.
Using this right now. It’s been a little less stable then I’ve heard other people claim, I had about a day and half where I was consistently freezing up 5 minutes after login. After that was patched it has been fine.
The real test for me is if I can walk away from it for 3 weeks and update the system without the world exploding. That was what always broke Arch for me.
I haven’t used it personally but I’ve seen a lot of folks bad mouthing Manjaro.
Lots of complaints of instability and it being poorly run project. One of the more objective complaints I’ve read is they have a slower release process so security fixes take longer then Arch.
Devils advocate here, but what makes Ubuntu a great gateway distro nowadays?
When Ubuntu came out it had a graphical installer and UI improvements allowed users to do more without the terminal. I feel like at some point other distros caught up and Unity was the unique selling point. Then canonical became more focused on the server and killed Unity. I am not sure what is the selling point of Ubuntu as a desktop in 2024.
This all comes from my personal experience of Ubuntu being my main distro for 10+ years. But when I started distro hoping I realized there wasn’t much difference between Ubuntu and other distros nowadays.
After trying out Nix as a package manager I realized I have a pretty different world view than the makers of Nix. I agree with the end goal but how they are trying achieve it is just alien to me. The nix command line is just downright user hostile.
I am personally hoping that someone else takes a stab at the Nix concept but have accepted Nix isn’t for me.
Yeah as they said it’s complicated, but in an unintuitive way more sandbox of apps can lead to apps being less effective at sandboxing themselves. Which, like you said, can be good bad or neutral depending on your threat model.
Personally I am leaning towards not using browser in Flatpaks since I trust the browser to sandbox itself. Not the position I started from initially where I would have assumed more sandboxing is a uniformly good thing.
You should probably read the included details if you haven’t and address those points directly. I’d love to know what is wrong about the problems they have described.
The details are in this link https://seirdy.one/notes/2022/06/12/flatpak-and-web-browsers/
Is that due to flatpak sandboxing?
Edit: it’s interesting, this repo is saying the opposite, https://github.com/trytomakeyouprivate/Recommended-Flatpak-Apps/blob/main/Apps/Browsers.md
The Flatpak Sandbox restricts the Browsers abilities to isolate the processes from another, and also valuable internal data like your history or passwords.
Edit 2: since folks are asking further details are linked in the article. Keep in mind I am not personally making these claims, I am in learn mode just like a lot of other folks.
From https://seirdy.one/notes/2022/06/12/flatpak-and-web-browsers/:
When distributing browsers through Flatpak, things get a bit…weird. Nesting sandboxes in Flatpak doesn’t really work, since Flatpak forbids access to user namespaces
What does “experimental color management” mean? Is that HDR support?
Can anyone expand on that?