I find the authors concerns about security to be at odds with their enthusiasm for flatpak and systemd. Personally I don’t think containerised applications get as much attention from package maintainers or security audits. Systemd is also expanding into every area of the OS including recently offering a sudo alternative which is basically creating one massive attack surface.
I find the authors concerns about security to be at odds with their enthusiasm for flatpak and systemd. Personally I don’t think containerised applications get as much attention from package maintainers or security audits. Systemd is also expanding into every area of the OS including recently offering a sudo alternative which is basically creating one massive attack surface.
Even if you’re rightfully concerned, they become non-issues in the author’s platform of choice: Qubes OS.
The reason (I think) they mentioned all of those explicitly Linux things, is because they’ve also stopped using OpenBSD VMs in Qubes OS.