With all the supply chain attacks in the Linux ecosystem, isn’t the natural solution to move to full application sandboxing?
Flatpacking is great but not all applications support it.
Is it too much of a hassle?
With all the supply chain attacks in the Linux ecosystem, isn’t the natural solution to move to full application sandboxing?
Flatpacking is great but not all applications support it.
Is it too much of a hassle?
Secureblue +
virt-managerwith QEMU does the trick. Or you can just<insert agent harness here> "Make me an program that does the same as Qubes OS, but with virsh and register every single XDG default app entry with it"