@strypey I think it's a matter of relativity. Yes, there're quite a few shortcomings of the Linux model for desktop regarding sandboxing. The problem, of course, is that the same (and much worse) can be said for all the more widely-used desktops out there. Added security results in added complexity and reduced usability. I'd argue that most of the attack vectors described are low risk for the typical scenario of a computer that is almost exclusively used by an individual + a few trusted people.
@lightweight I agree with you on this. Other operating systems such as Windows, MacOS, and BSDs all have these flaws too to varying degrees. I don't know of a single, production-ready, general purpose OS that isn't written in C.
Also, with Wayland on the way, that whole Flatpak/X11 issue is also quickly becoming a non-issue for many users.
@lightweight @strypey true, making a desktop secure through the required implementation of policies would make certain things inconvenient. I see one of the points the author making is that desktops will be left insecure most of the time. For example, all it takes is installing some userland software (be it flatpak) which is vulnerable or itself malicious.
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!