With all the supply chain attacks in the Linux ecosystem, isn’t the natural solution to move to full application sandboxing?
Flatpacking is great but not all applications support it.
Is it too much of a hassle?
With all the supply chain attacks in the Linux ecosystem, isn’t the natural solution to move to full application sandboxing?
Flatpacking is great but not all applications support it.
Is it too much of a hassle?
I’ve never daily driven it as my main machine but I’ve used it as an auxiliary driver for a more high-security machine. Afaik things like gaming are sort of a no-go on Qubes still.
Qubes does not just do sandboxing. It runs all user programs in VMs, which adds non-negligible overhead and makes it an unsuitable OS for many more lightweight systems like laptops. And even if your PC can run Qubes without issue, you may not want that additional overhead if you want to do anything computationally intensive.
I have a gaming VM running cachyOS in Qubes OS and it runs pretty good, I’d still not recommend tho as qubes will randomly freeze (at least a few times a week) and I have to hold the power button and restart might be due to me using a nvidia GPU for dom0. (I use an AMD gpu for the gaming VM and I’m not sure how GPU passthrough will work with two AMD GPUS) It does work well tho
I mean, I only have one GPU, so if passthrough is required then that does make gaming more inaccessible.