@TheFrenchGhosty @BrodieOnLinux my take as well. I only install software I trust. That’s also why flatpack is largely pointless to me. But for making Linux useable for a larger audience there needs to be a more general way, I agree.

@TheFrenchGhosty @BrodieOnLinux sure, but do you trust the binaries you’re downloading? or the distributor of the software? maybe you do compile from source in an offline, freshly instantiated, provenance-signed virtual machine, but even then, do you trust that the code that the software provides is free from vulnerabilities or remote code execution?

it’s not just a matter of trust, it’s a matter of reducing the blast radius if that trust ever gets broken. your best friend doesn’t need the keys to your home, even if you trust that they won’t do anything bad with it.

and on the wayland point, it’s not just pushed hard because of “red hat corporate interests” or “canonical corporate interests” or whatever party you want to burn at the stake (though on that note, they’re probably more aligned with yours than you think). x11 was designed with the requirements of the 80s (so remote access-first architecture, effectively single display, etc.), and is a burden to maintain, filled with legacy drivers before kernel mode setting, and a bunch of technical reasons i’m blissfully unaware of that caused the existing maintainers to collectively sunset the project.

is principle of least privilege “corporate”? sure, from the standpoint that it benefits corporations. but under that definition, virtually all of FOSS is “corporate” in that it reduces the baseline amount of work needed to start up their operations.

@arrieseveneight @BrodieOnLinux

> sure, but do you trust the binaries you’re downloading? or the distributor of the software?

Yes, I trust my distro repos.

That's the whole point of picking a distro. You're supposed to trust the shit they package for you.

@TheFrenchGhosty @BrodieOnLinux even so, if that’s your security model, read on…