Zoom

Mon Mar 30 18:25:39 UTC 2020

On Mon, 30 Mar 2020 at 17:49, Oliver Grawert <ogra at ubuntu.com> wrote:

> ah, ok, i didnt get that context somehow ....
>
> well, as long as you are okay to give microsoft (or any other 3rd party
> repo owner) full root access to your system, sure, why not ;)

Honestly, I don't think that there is any significant issue here.

If you are going to install a proprietary Linux binary on your
computer, then you must trust the organization which built that
binary. And if you do, then I would argue it is _safer_ for that
binary to get updated along with the rest of your OS than you have a
fixed static version, along with an additional maintenance requirement
of updating the package yourself.

So, for instance, I run Rocket.chat as well, and that does _not_
auto-update, so I have to check regularly, fetch new releases and
install them manually. That is not desirable, but they do not provide
a repo, so I have no option.

> i personally prefer to not have microsoft, google or slack to have full
> root access to my system and rather rely on the confinement features
> snap or flatpak provide to prevent any apps from reading my passwords
> out of ~/.config or other databases they do not necessarily need to
> access ...

As you wish. At present, for me, it is too much work, and the few apps
that I have tried to run from Snaps or Flatpaks have only about a 50%
success rate. For example, Spotify works, but Rocket.chat doesn't.

I don't *want* to give such access, no, but if I need those apps,
that's the price and that is acceptable.

I hope that in future Linux distro design is going to change so that
all apps will run in containers. Fedora's "Silverblue" distro was an
attempt to do this, partly as a result of the acquisition of CoreOS.
RH Atomic is being merged with CoreOS. It will be interesting to see
what results.

So is openSUSE's MicroOS, which is architecturally simpler than
Silverblue because SUSE defaults to Btrfs. Btrfs means SUSE can
dispense with ostree and other complex RH tools. But some people don't
trust Btrfs so that itself is an issue.

It is not exactly a general-purpose distro but Endless OS works like this, too.

All are worth a look.

I think such a model represents a quite likely future for Linux: an
immutable base OS and a read-only root filesystem, no package manager,
and all apps installed in isolated containers. Whole-system updates,
rather like Android or iOS.

In principle this will allow a complete OS reinstall while keeping all
your apps, like on macOS. That would be a big win for end users.

However, it will require users to relinquish a lot of control over
their distros, and *nix old-timers will hate that.

-- 
Liam Proven – Profile: https://about.me/liamproven
Email: lproven at cix.co.uk – gMail/gTalk/gHangouts: lproven at gmail.com
Twitter/Facebook/LinkedIn/Flickr: lproven – Skype: liamproven
UK: +44 7939-087884 – ČR (+ WhatsApp/Telegram/Signal): +420 702 829 053