| View previous topic :: View next topic |
| Author |
Message |
Fulgurance
Veteran
Joined: 15 Feb 2017
Posts: 1199
|
 Posted: Wed Nov 09, 2022 1:04 pm Post subject: Opinion about security opinion |
 |
|
Hello, actually I'm thinking a lot about the new features coming with fedora silverblue. I'm a gentoo user from a long time, and to be honest I feel flatpak and rpm-ostree bring more problems than solutions for security.
What do you think ?
I really believe actually using a gentoo correctly configured is much better for security. |
|
| Back to top |
|
 |
eccerr0r
Watchman
Joined: 01 Jul 2004
Posts: 9677
Location: almost Mile High in the USA
|
| Posted: Wed Nov 09, 2022 5:31 pm Post subject: |
|
|
It's always been usability/convenience vs security, they have always been at odds with each other...
_________________
Intel Core i7 2700K/Radeon R7 250/24GB DDR3/256GB SSD
What am I supposed watching? |
|
| Back to top |
|
|
pjp
Administrator
Joined: 16 Apr 2002
Posts: 20067
|
| Posted: Thu Nov 10, 2022 3:12 am Post subject: |
|
|
I'm not a fan of flatpak-style packaging, although I've never used it. Some day I intend to work on an immutable installation of Gentoo. I have no idea how viable that is. I'm not familiar with rpm-ostree.
_________________
Quis separabit? Quo animo? |
|
| Back to top |
|
|
eccerr0r
Watchman
Joined: 01 Jul 2004
Posts: 9677
Location: almost Mile High in the USA
|
| Posted: Thu Nov 10, 2022 3:44 pm Post subject: |
|
|
I was reduced to being forced to use flatpak in Gentoo because net-wireless/chirp was removed from portage...
_________________
Intel Core i7 2700K/Radeon R7 250/24GB DDR3/256GB SSD
What am I supposed watching? |
|
| Back to top |
|
|
pa4wdh
l33t
Joined: 16 Dec 2005
Posts: 811
|
| Posted: Thu Nov 10, 2022 4:20 pm Post subject: |
|
|
I dislike all variants of packages which deliver an application and all it's dependencies as a package, and as far as i know flatpak it also uses this method.
The reason for my disliking is that it's near impossible to track updates in case of a (security) vulnerability with a package. I assume the big players like mozilla will be able to track updates for their dependencies, but most of the time the packages are made by someone that lost interest and doesn't update it anymore. In that case you're lost.
In contrast with the more traditional approach (like gentoo uses): If there's a problem with (for example) openssl, you update openssl system wide and you're done.
_________________
The gentoo way of bringing peace to the world:
USE="-war" emerge --newuse @world
My shared code repository: https://code.pa4wdh.nl.eu.org
Music, Free as in Freedom: https://www.jamendo.com |
|
| Back to top |
|
|
CaptainBlood
Advocate
Joined: 24 Jan 2010
Posts: 3595
|
| Posted: Thu Nov 10, 2022 4:23 pm Post subject: |
|
|
| eccerr0r wrote: | | I was reduced to being forced to use flatpak in Gentoo because net-wireless/chirp was removed from portage... |
Zugaina?
Thks 4 ur attention, interest & support.
_________________
USE="-* ..." in /etc/portage/make.conf here. |
|
| Back to top |
|
|
eccerr0r
Watchman
Joined: 01 Jul 2004
Posts: 9677
Location: almost Mile High in the USA
|
| Posted: Thu Nov 10, 2022 5:16 pm Post subject: |
|
|
chirp-py3 was pretty bad last I tried it, the toolkit migration was pretty bad, almost unusable. Since mainline code is still py2 last I checked I had to keep with the flatpak.
_________________
Intel Core i7 2700K/Radeon R7 250/24GB DDR3/256GB SSD
What am I supposed watching? |
|
| Back to top |
|
|
|
Other Things Gentoo
