With all the supply chain attacks in the Linux ecosystem, isn’t the natural solution to move to full application sandboxing?

Flatpacking is great but not all applications support it.

Is it too much of a hassle?

  • Matt@lemmy.ml
    link
    fedilink
    arrow-up
    0
    ·
    1 month ago

    Secureblue + virt-manager with QEMU does the trick. Or you can just <insert agent harness here> "Make me an program that does the same as Qubes OS, but with virsh and register every single XDG default app entry with it"