View previous topic :: View next topic |
Author |
Message |
Fulgurance Veteran
Joined: 15 Feb 2017 Posts: 1199
|
Posted: Wed Nov 09, 2022 1:04 pm Post subject: Opinion about security opinion |
|
|
Hello, actually I'm thinking a lot about the new features coming with fedora silverblue. I'm a gentoo user from a long time, and to be honest I feel flatpak and rpm-ostree bring more problems than solutions for security.
What do you think ?
I really believe actually using a gentoo correctly configured is much better for security. |
|
Back to top |
|
|
eccerr0r Watchman
Joined: 01 Jul 2004 Posts: 9677 Location: almost Mile High in the USA
|
Posted: Wed Nov 09, 2022 5:31 pm Post subject: |
|
|
It's always been usability/convenience vs security, they have always been at odds with each other... _________________ Intel Core i7 2700K/Radeon R7 250/24GB DDR3/256GB SSD
What am I supposed watching? |
|
Back to top |
|
|
pjp Administrator
Joined: 16 Apr 2002 Posts: 20067
|
Posted: Thu Nov 10, 2022 3:12 am Post subject: |
|
|
I'm not a fan of flatpak-style packaging, although I've never used it. Some day I intend to work on an immutable installation of Gentoo. I have no idea how viable that is. I'm not familiar with rpm-ostree. _________________ Quis separabit? Quo animo? |
|
Back to top |
|
|
eccerr0r Watchman
Joined: 01 Jul 2004 Posts: 9677 Location: almost Mile High in the USA
|
Posted: Thu Nov 10, 2022 3:44 pm Post subject: |
|
|
I was reduced to being forced to use flatpak in Gentoo because net-wireless/chirp was removed from portage... _________________ Intel Core i7 2700K/Radeon R7 250/24GB DDR3/256GB SSD
What am I supposed watching? |
|
Back to top |
|
|
pa4wdh l33t
Joined: 16 Dec 2005 Posts: 811
|
Posted: Thu Nov 10, 2022 4:20 pm Post subject: |
|
|
I dislike all variants of packages which deliver an application and all it's dependencies as a package, and as far as i know flatpak it also uses this method.
The reason for my disliking is that it's near impossible to track updates in case of a (security) vulnerability with a package. I assume the big players like mozilla will be able to track updates for their dependencies, but most of the time the packages are made by someone that lost interest and doesn't update it anymore. In that case you're lost.
In contrast with the more traditional approach (like gentoo uses): If there's a problem with (for example) openssl, you update openssl system wide and you're done. _________________ The gentoo way of bringing peace to the world:
USE="-war" emerge --newuse @world
My shared code repository: https://code.pa4wdh.nl.eu.org
Music, Free as in Freedom: https://www.jamendo.com |
|
Back to top |
|
|
CaptainBlood Advocate
Joined: 24 Jan 2010 Posts: 3595
|
Posted: Thu Nov 10, 2022 4:23 pm Post subject: |
|
|
eccerr0r wrote: | I was reduced to being forced to use flatpak in Gentoo because net-wireless/chirp was removed from portage... | Zugaina?
Thks 4 ur attention, interest & support. _________________ USE="-* ..." in /etc/portage/make.conf here. |
|
Back to top |
|
|
eccerr0r Watchman
Joined: 01 Jul 2004 Posts: 9677 Location: almost Mile High in the USA
|
Posted: Thu Nov 10, 2022 5:16 pm Post subject: |
|
|
chirp-py3 was pretty bad last I tried it, the toolkit migration was pretty bad, almost unusable. Since mainline code is still py2 last I checked I had to keep with the flatpak. _________________ Intel Core i7 2700K/Radeon R7 250/24GB DDR3/256GB SSD
What am I supposed watching? |
|
Back to top |
|
|
|