I run fedora 34 Silverblue on an ASUS VivoBook 14 which features:
Working Secure Boot
Enabled Kernel Lockdown
Immutable Base OS
SELinux enabled in enforcing mode
I encrypt and password-protect sensitive LibreOffice documents.
I audit flatpak permissions with Flatseal and disable unnecessary ones (which is rare because the flathub.org team are getting on-top of this).

Then someone suggests that I shouldn't be running flatpaks on my system because it presents a security risk. 🤣️🤣️


Oh, and I should add, my passwords are held in KeePassXC.
My GPG and SSH private keys are held on a YubiKey 5 which is also required to unlock KeePassXC.

I think I'm taking my security seriously. 😁️

@neildarlow so you're saying if we want to use flatpaks, we should take your measures to prevent security breaches?

@Ged Not at all. I'm saying that the person who suggested I shouldn't use flatpak wasn't aware of the security features fedora (and Silverblue in particular) offer in that department.

@neildarlow right : ) i was just kidding with you - hope you didnt take it wrongly. anyway, isnt silverblue all about flatpak?

@Ged It is. I've found myself overlaying some RPMs for things that need close access to the hardware e.g. scanner utility but the bulk of applications are flatpak. I prefer the fedora ones but flathub.org for those they don't publish.

@neildarlow Im relatively new on Linux and am not a developer. I looked at Silverblue's web page and didnt really understand what advantages it presents. What is your motive to use Fedora Silverblue instead of Fedora?

Sign in to participate in the conversation

General purpose mastodon instance