@kde@floss.social @kde@lemmy.kde.social

True, changed the naming ;)

@kde@floss.social @kde@lemmy.kde.social

For people interested, maybe #crabjail and #crablock can be a solution!

https://codeberg.org/crabjail/crablock

A #sandboxing tool written in #Rust, featuring " bleeding edge #Linux #security features like #Landlock or MDWE_REFUSE_EXEC_GAIN."

@kde@floss.social @kde@lemmy.kde.social

Thx for the info, then it is like that.

Here is the goal proposal

https://phabricator.kde.org/T17370

Tbh, #bubblewrap would need to be fixed drastically to be as secure as the #Android #sandbox. And (I am not sure yet) I think even #Snaps are more secure (on #Ubuntu with #Apparmor patches) than #Flatpak with the current system.

As far as I understood, sandboxing needs to happen in #userspace, with tools like #fuse doing the work while being restricted by #MAC like #SELinux or Apparmor.

@kde@floss.social @kde@lemmy.kde.social

Can you tell us what happens on the "sandbox all the things" goal?

I think this is a pretty crucial step forward, even though #sandbox technologies (most often through user namespaces) are more problematic than I initially thought.

(Basically, user #namespaces open up #privesc dangers to the monolithic #kernel, which is incredible. #Android and #ChromeOS use #LXC, mounts and #SELinux for #sandboxing)

@kde@floss.social @kde@lemmy.kde.social

Is this how the dark/light transition will look like?

A small visual issue but nice to see fixed!

@dansup@mastodon.social wait a sec, "は" means "would be happier if it federates with" ?? Damn

@boredsquirrel

#homeassistant #kde #kdeplasma #homeautomation

@jon@vivaldi.net

#Firefox got a ton of variants/forks recently.

• #Librewolf
• #MullvadBrowser
• #ZenBrowser
• #Midori

So yeah I take Firefox + Arkenfox user.js or Librewolf if they fixed their CI/CD

Permanently Deleted