@strypey I think it's a matter of relativity. Yes, there're quite a few shortcomings of the Linux model for desktop regarding sandboxing. The problem, of course, is that the same (and much worse) can be said for all the more widely-used desktops out there. Added security results in added complexity and reduced usability. I'd argue that most of the attack vectors described are low risk for the typical scenario of a computer that is almost exclusively used by an individual + a few trusted people.


@lightweight @strypey true, making a desktop secure through the required implementation of policies would make certain things inconvenient. I see one of the points the author making is that desktops will be left insecure most of the time. For example, all it takes is installing some userland software (be it flatpak) which is vulnerable or itself malicious.

Sign in to participate in the conversation

Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.