@aral Can immutability be invisible? Like, is it possible?
I remember running Silverblue and being unable to sh the .run from PIA to install their app, and it makes sense since it’s definitely making major changes.
I was able to set it up via manual configs in OpenVPN, but I can’t think of a way that get a third-party app that requires system-level changes to “just work.” It can’t just be thrown into a flatpak like GIMP.
@aral @mopedad One of the things I hate about MacOS is the hoops you have to go through to change your own system. Linux started going down hill when they got rid of FVWM ;-) In all honesty in the 90s I said “Linux will be great when its finished”. That’s still the case. Rather than messing with the fundamentals people need fix the missing basixs, the current functionality and the documentation. Its like systend, what it replaced wasn’t finished and had issues so they replaced it with something else which isn’t finishes and has issues but at least the old system was less monolithic. You can’t use Gnome3 without systemd! That breaks the whole philosohy of *nix. I can’t tell you the number of embedded projects where we have ripped out systemd and reverted. If you want to protect systems from clueless users just don’t give then admin rights!
@cyberspice @mopedad Sadly, traditional Linux desktop is also one of the most insecure systems possible. Its security properties date back to the assumptions of the mainframe era. So we have privileged ports (yay!) but a windowing system (X) where any app can be a keylogger. So thank goodness for wayland. Similarly, we have non-sandboxed apps. Flatpak is a step in the right direction (if an imperfect one). Immutable OS is also. We must think beyond “users” to “everyday people.”
A newer server operated by the Mastodon gGmbH non-profit