I’m really excited about immutable distros that mainly use flatpak for their software. The containerizing of programs and modular permissions on linux is a big step up for general security for desktop use and something that I always felt was missing compared to, for instance, MacOS.
The containerizing of programs
Running all apps in containers means the OS, as it is now, is a failure. And flatpaks have performance problems and software today is already slow.
I don’t think it means the OS is a failure, but it does mean that the software distribution model is a failure. Apps in containers are still talking to the OS system call APIs, still running on the OS and, with runc or similar, using the OS for isolation. They do provide some interesting possibilities though: if you switch out runc and use a separate VM for each app then you can suspend and resume apps and live migrate them between computers. Being able to live migrate apps from my home machine to one in my office would be very interesting for hybrid working, for example.
I haven’t heard of performance issues with Flatpak, do you know of any examples of performance impacts?
My worry about Flatpak is dependency management. Last time I took a look, it was hard to query dependencies. Admittedly this was long ago. Hence, for a given CVE it’d be hard to know if all your software is patched. Has this situation changed? I’d not like to end up with obscure application bundles, like macOS.
This is the reason I like NixOS. It brings the best of both worlds. Your dependencies do not need to be in sync like with traditional package managers, but things are still tidy and builds are reproducible.
The nice thing about Flatpak is simple sandboxing, à la Firejail/bubblewrap. Nix does not have this yet, but Guix does. It was added very recently.
I think it’s important to run things with the least amount of privileges. macOS already sort of provides this by default. It’s a good last resort to defend yourself against malicious software. For example, it’d have saved many of the users that got their data stolen by a compromised PyTorch last week.
I have a similar worry with Flatpak. It seems that they have identified the difficult problem in packaging and made it worse.
The root problem with packaging is that dependencies often have unstable interfaces. This is addressed by having multiple versions installed at once. This adds a bigger problem: you now need to do security back-ports to each of the supported versions, even if upstream does not. Flatpak makes it much easier to ship different versions of dependencies and so it compounds the emergent problem. If I have 20 apps installed and they depend on 10 different versions of libfoo, who is going to do the security back ports of a fix in libfoo? The hard work doesn’t go away, it just becomes easier to ignore and push problems to end users.
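A concrete way to see the "10 versions of libfoo" problem on a real system, as an added example that is not part of the thread and not Flatpak's own tooling: every Flatpak app pins a runtime branch, and each installed branch is a separate copy of the libraries inside it, so a fix has to land in every branch that still has apps on it. The script below parses the tab-separated output of `flatpak list --app --columns=application,runtime` (a real command and real column names) and groups apps by runtime id and branch; the sample output embedded in it is constructed, not captured from a machine. It only answers the runtime half of the question asked above, not which libraries an app bundles inside its own ref.

```python
"""Which Flatpak runtime branches are installed, and which apps pin each one?

Added example for the thread, not Flatpak project code. Parses the output of
`flatpak list --app --columns=application,runtime`; the sample below is
constructed for illustration.
"""
from collections import defaultdict

# Constructed sample of `flatpak list --app --columns=application,runtime`
# (tab-separated: <app id> <runtime id>/<arch>/<branch>).
SAMPLE_APP_LIST = """\
org.mozilla.firefox\torg.freedesktop.Platform/x86_64/22.08
org.gimp.GIMP\torg.gnome.Platform/x86_64/43
org.inkscape.Inkscape\torg.gnome.Platform/x86_64/42
com.example.OldTool\torg.freedesktop.Platform/x86_64/20.08
org.videolan.VLC\torg.kde.Platform/x86_64/5.15-22.08
"""


def parse_app_list(text):
    """Return a list of (app_id, runtime_id, arch, branch) tuples."""
    rows = []
    for line in text.splitlines():
        if not line.strip():
            continue
        app, runtime = line.split("\t")
        runtime_id, arch, branch = runtime.split("/")
        rows.append((app, runtime_id, arch, branch))
    return rows


def apps_by_runtime_branch(rows):
    """Map runtime id -> branch -> sorted list of apps pinned to that branch."""
    grouped = defaultdict(lambda: defaultdict(list))
    for app, runtime_id, _arch, branch in rows:
        grouped[runtime_id][branch].append(app)
    return {
        runtime_id: {branch: sorted(apps) for branch, apps in branches.items()}
        for runtime_id, branches in grouped.items()
    }


def backport_targets(rows):
    """Runtime ids with more than one branch in use.

    Each branch is its own copy of every library it ships, so a security fix
    in one branch must be applied again to every other branch still in use.
    """
    grouped = apps_by_runtime_branch(rows)
    return {
        runtime_id: sorted(branches)
        for runtime_id, branches in grouped.items()
        if len(branches) > 1
    }


if __name__ == "__main__":
    rows = parse_app_list(SAMPLE_APP_LIST)
    for runtime_id, branches in sorted(apps_by_runtime_branch(rows).items()):
        for branch, apps in sorted(branches.items()):
            print(f"{runtime_id}//{branch}: {', '.join(apps)}")
    print("runtimes needing a fix in more than one branch:", backport_targets(rows))
```

On a real system, pipe `flatpak list --app --columns=application,runtime` into `parse_app_list` instead of the constructed sample. The output tells you which runtime branches you are responsible for keeping patched (or which apps to move off an old branch); it says nothing about libraries an app bundles into its own ref, which is exactly the part that is hard to query and where the worry above lives.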
Interesting points. Can’t really answer if querying dependencies is less annoying now, as I don’t use flatpak on a daily basis. GUIX sounds pretty amazing though, I might try it out someday.
Guix is totally worth trying. But you should probably try the Linux distribution, GuixSD, to fully take advantage of what Guix offers. Guix has a channel with non-GNU approved software that is seldom advertised: https://gitlab.com/nonguix/nonguix. Without this channel, it might give the impression of being way behind a normal distribution in terms of package availability.
Thanks for the tip!
This looks very appealing.
I’m interested in it, but I’d rather have KDE flavor. Interesting to see how this project evolves.
If you can deal with google ads every fucking paragraph this might be worth a read before installing: https://linuxiac.com/vanilla-os-promising-idea-disappointing-implementation/