Posts: 0 · Comments: 80 · Joined: 2 yr. ago

  • homed isn't exactly a home directory replacement, more of an extension. You can mix and match homed and normal home directories like you want (on a per-user basis at least, not within a single user). It does have some nice things, such as user-password based encryption of the home directory, so the password is required to unlock it (no admin access) or automatically using subvolumes on btrfs.

  • The thing with this is: it's just a symlink to the systemd-run binary, which talks to PID1 to spawn new processes (in separate cgroups IIRC). It's one of the most fundamental parts of systemd. Even the Debian systemd package includes systemd-run.

    I guess the other question is if some tools the distro provides might switch to supporting it by default. For example on Arch there is makepkg that should never be executed as root, but does internally call some things with elevated privileges (mostly pacman to install and remove packages). Currently it checks for sudo and if not falls back to su, but maybe it might be worth considering changing su for run0 if it's guaranteed to be there.

  • You should see the comments on the Phoronix forums...

  • Got myself an iFixit Mako a while ago, really nice even if I mostly just use the Phillips head ones

  • I genuinely hate NV as a company and their proprietary software, but I can say that the software they provide is decent/good. Like... good cards and software, terrible company and philosophy/moral

  • they probably made more money from OW1 lootboxes, overall

    I really doubt it considering how many boxes you got thrown after you, with coins for dups with which you can just buy skins. Was a great system for the player, but probably terrible monetarily.

  • The actual reason is to hide the fact they’re probably not gonna have much if any pve content soonish

    They literally outright said multiple times that PvE content is mostly shelved and to not expect anything. This isn't some sort of secret they are keeping

  • I don't really bother with AV on my Linux system. What I do is just use trusted software from my repos and run containerized applications.

    What I am currently working on is using secure boot with a Unified Kernel Image (already doing that) that boots into a read-only /usr/ partition with verity + signature (one UKI only loads a certain partition with a specific signature, or nothing at all). Any other things I need I create a systemd sysext that gets overlaid on top of /usr/ (also read-only) or they get installed as flatpak. For development I would just be using nspawn containers and podman/OCI containers for services that are outside of the other scopes.

    This is all based on https://0pointer.net/blog/fitting-everything-together.html which is a nice write down of what I am doing/following.

    That already covers a lot of different attack vectors by just not having my system be modifiable outside of my control or apps just being containerized.

  • The thing with Wayland and X11 is: this couldn't really be done because of how fundamentally broken incompatible X11 is (and there is XWayland for most clients that mostly works)

  • Arch: Move more of the things shipped by the distro to /usr/, too many things are still in /etc/, /var/ and /srv/. Generally this isn't a problem, but when you want to make an A/B updated image where only /usr/ is shipped it is a bit annoying. Also, bash has no way to have a "distro" version of /etc/profile.

    Another benefit is: no .pacnew files in /etc/ (or anywhere else) since those would all be managed by the system maintainer and aren't touched by the package manager

  • Those benchmarks under "Upstream" do not include esync/fsync from my understanding

  • I have NekkoDesktop, NekkoLaptop, NekkoLaptopJr (new laptop) and NekkoServer :) (Phones are just Nekko <Release> with release being S9 and S21 for Samsung or G6 for LG)

  • ifn't

  • It's not ifn't

  • The thing with AppImages is: it requires FUSE2 which doesn't really get packaged/included by default anymore in a lot of places and the recommendation is "build on the most old and crusty distro you want to support" which just sounds like a nightmare in multiple ways :)

    And with snaps the sandboxing only really works on Ubuntu and nowhere else last time I looked into it (then there is also the entire problem if you want to host your own repository/"storefront").

    So really the only universal sandboxing method that effectively makes sense is Flatpak.

  • Wouldn't that need them to get the fu.ck domain itself? I have a feeling that is already used by someone else, but there currently isn't any website at that domain (doesn't mean it isn't used)

  • Generally the only groups I would maybe sign such a CLA in regard to the GPL are: the FSF and the Linux Foundation. Anybody else (especially individuals I don't know) I wouldn't sign any CLA unless my contribution is like a one-off, trivial patch.

  • I would have guessed that Ubuntu would install it by default since it's a very common way to get stuff from the internet (when in the terminal), but apparently not (the other option is wget which is most likely installed, but that uses a different way to get the stuff).

    You should be able to install curl with sudo apt install curl