Someone with root can run ostree admin unlock --hotfix to make /usr writable. Someone with root can also delete all restore points.
It would be strange for them to call it that if it actually means “completely irrelevant from a security perspective”.
See the comment by superkret.
An attacker escaping from a container can’t be system root as Podman runs rootless (without some other exploit or weak password).
That would be true of podman running anywhere, and is not unique to an immutable distribution.
The filesystem itself is also read-only.
You can change that real quick if you have root access.
Because even if an attacker could gain access even as root he cannot modify system files.
They 100% can.
I really appreciate Open Source Alternative To for this (although their theme seems a little broken atm).
The "down" was definitely edited after the fact.
Thanks! Not quite as wild as I was expecting (kind of surprised this was enough to push them to delete their account)
Do you have any sources for this?
The GitHub says they plan on adding other fediverse connections in the future.
What is PortProton doing that could increase performance? At the end of the day, won't this tool just set up a wineprefix for your game and then launch it using wine/proton, just like other tools of this nature?
Where can you find an N100 for $60 with 4GB of memory?
EDIT: Nvm, found the comment replying to this mentioning Radxa boards. Just found them the other day. Very interested.
Aren't most CPU's and chipsets proprietary? Not to mention all of the firmware blobs they require? What are some affordable, non-proprietary options?
The original context for the comment chain was:
So no, it's completely relevant.