I am going to ask if I may use linux for work. We are using windows but there is nothing that couldn’t be done on linux. Privately, I am mainly a fedora user but I’d be happy with any OS and DE or wm. What do I need to look out for when I suggest an OS? What does a computer/ linux/DE need in order to be ready for enterprise workstation? Will I only have a user and no sudo rights? May I install all flatpak apps? Does the admin have to be able to remote ssh?
Why is flatpak a security risk? The applications run isolated and offer higher security, unless I’m missing something?
Because it doesn’t verify the authenticity of code it downloads before it installs it
I don’t think that that’s true. At least not more than for any other community maintained packages.
Debain is community maintained packages and they’ve done signed manifests on all packages, required by default, since like 2002.
Flapak and snap are terribly insecure compared to standard distro package managers
What? No! Flatpak and Snap are the new trendy toys! How dare you criticize them!
/s
Neither does dnf/apt/pacman. You are always at the mercy of the package maintainer(s).
Nope. Apt definitely cryptographiclly verifies the signatures of everything that it downloads. See
man apt-secure
I’m aware, signing the package is not the same thing as signing the code. The application is built by the package maintainer(s) and then the resulting packages are signed.
Which is the same thing that Flatpak does. Both depend on the trust for the repo owner and the package maintainer.