With all the supply chain attacks in the Linux ecosystem, isn’t the natural solution to move to full application sandboxing?

Flatpacking is great but not all applications support it.

Is it too much of a hassle?

  • ghost_laptop@lemmy.ml
    1 day ago

    How would Nix be affected by an attack like the one in the AUR? Nix packages its own dependencies, which are then packaged into other packages. The attack on the AUR was possible because some software called for a library to be downloaded somewhere and npm was affected, which ended up affecting the AUR. For it to work on Nix, someone would have to upload a malicious package into the nixpkgs, which I'm not saying it's impossible, but at the bare minimum there's a bigger barrier than basically 0 compared to the AUR.