I run fedora 34 Silverblue on an ASUS VivoBook 14 which features:
Working Secure Boot
Enabled Kernel Lockdown
Immutable Base OS
SELinux enabled in enforcing mode
I encrypt and password-protect sensitive LibreOffice documents.
I audit flatpak permissions with Flatseal and disable unnecessary ones (which is rare because the flathub.org team are getting on-top of this).
Then someone suggests that I shouldn't be running flatpaks on my system because it presents a security risk. 🤣️🤣️
@neildarlow so you're saying if we want to use flatpaks, we should take your measures to prevent security breaches?
@Ged Not at all. I'm saying that the person who suggested I shouldn't use flatpak wasn't aware of the security features fedora (and Silverblue in particular) offer in that department.
@neildarlow right : ) i was just kidding with you - hope you didnt take it wrongly. anyway, isnt silverblue all about flatpak?
@Ged It is. I've found myself overlaying some RPMs for things that need close access to the hardware e.g. scanner utility but the bulk of applications are flatpak. I prefer the fedora ones but flathub.org for those they don't publish.
@neildarlow Im relatively new on Linux and am not a developer. I looked at Silverblue's web page and didnt really understand what advantages it presents. What is your motive to use Fedora Silverblue instead of Fedora?
General purpose mastodon instance