cross-posted from: https://sh.itjust.works/post/62361303
Hello good people.
Is no one afraid of Bazzite's auto-updating nature?
I am myself worried about the potential for well-timed supply chain attacks from wherever they build their OS images, which somehow builds malicious images or just gets itself into the normal image builds that we auto-update to.
Is this an unfounded worry? Does anyone know of the security measures in place to prevent attacks?
Auto update just feels weird to me, especially for something like my OS. I’m asking because I went and installed it and realised auto updating seems to be their philosophy… which is scary?
P.S. I couldn't find anyone online discussing this.
Thonks


Thanks for the answer.
That’s good to be aware of. I was also kinda put aback by a GitHub issue raised by someone who could no longer toggle off auto updates with ujust.
It got solved by them adding the command back, just to be silently broken again by them renaming and subsequently removing it again (still removed as far as I’m aware).
Weird first impression on how quickly things are broken with no alternative.

This is pure operator error; all of these systems are well documented and are literally Linux 101. If the response is “how are normal users supposed to?” the answer is normal users don’t use command line tools.
The person saying that they’re switching to Kinoite is in for a rude surprise when they find out that the virt-manager flatpak everyone is migrating to is written and maintained by the Kinoite maintainer; we helped with the QEMU extension because moving this stuff to userspace is something everyone agrees on.
Hopefully you’ve learned that there are people that claim they need super technical things like virt-manager on the image and yet can’t manage a simple Linux service. “Forced Updates”. Images like Bazzite are the antithesis for people who want to be experts without putting in the work.