I have been trying some of the immutable linux OSes because from what I understand they are more modern and feature better security and reliability. What I have found so far is shocking. Half of these don’t support my laptop (probably because it’s nvidia optimus). Some I tried like guix were very difficult to install, configure, and use with sparse documentation. Good luck trying to use KDE, wayland, or pipewire for example. BlendOS was notably better and could at least run on my laptop but choked with nvidia driver issues.

I have switched to pop os on my laptop for now but looking at alternatives and what to install on my desktop.

  • @varsock
    7 months ago

    I agree that by design Flatpak aims to provide a secure environment through sandboxing; in practice, the implementation has gaps that can lead to security risks, particularly when apps are granted extensive filesystem access. This can undermine the effectiveness of the sandbox and potentially expose systems to vulnerabilities. HOWEVER, being on an immutable system, these risks are mitigated to some degree.

    I’m particularly hopeful for Flatpak’s promise of fine grained permissions. Flatpak is developing a fine-grained permission system with portals for external interactions, BUT this system relies on integration with toolkits like GTK, rather than app-specific APIs, complicating its implementation. There is more info in the linked article in the previous post, and here it is again.

    Admittedly I’m not familiar with distrobox, but my caution is for any approach that distributes containerized programs with their own runtimes; they proved to be a real headache on my “mutable” system and my nvidia GPU until I switched to rolling OS.

    I’m glad you found some candidates to potentially resolve your issue. What distro did you end up using? I’m curious to give it a go next chance I have some free time. Cheers.
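The broad filesystem grants mentioned in the comment above are visible in each app's Flatpak metadata keyfile. The following is an added example, not part of the thread: a small audit of the `filesystems` key, run here on constructed metadata for hypothetical app IDs.

```python
import configparser

# Grants that expose most of the host or the whole home directory to the app.
BROAD = {"host", "host-os", "host-etc", "home", "~", "/"}

def audit_metadata(text):
    """Return (app_id, [(grant, mode), ...]) for one Flatpak metadata keyfile."""
    cp = configparser.ConfigParser(interpolation=None, delimiters=("=",), strict=False)
    cp.optionxform = str  # keyfile keys are case-sensitive
    cp.read_string(text)
    app_id = cp.get("Application", "name", fallback="unknown")
    findings = []
    raw = cp.get("Context", "filesystems", fallback="")
    for entry in (e.strip() for e in raw.split(";")):
        if not entry or entry.startswith("!"):  # "!path" removes access
            continue
        path, mode = entry, "rw"  # no suffix means read-write
        for suffix in (":ro", ":rw", ":create"):
            if entry.endswith(suffix):
                path, mode = entry[: -len(suffix)], suffix[1:]
        if path in BROAD:
            findings.append((path, mode))
    return app_id, findings

# Constructed sample metadata (hypothetical apps, not taken from the thread).
SAMPLE_EDITOR = """
[Application]
name=org.example.Editor

[Context]
shared=network;ipc;
sockets=wayland;pulseaudio;
filesystems=host;xdg-download;
"""

SAMPLE_VIEWER = """
[Application]
name=org.example.Viewer

[Context]
sockets=wayland;
filesystems=xdg-pictures:ro;!home;
"""

if __name__ == "__main__":
    for sample in (SAMPLE_EDITOR, SAMPLE_VIEWER):
        app, found = audit_metadata(sample)
        print(app, "broad grants:", found or "none")
```

On a real system the keyfile text for an installed app can be obtained with `flatpak info --show-metadata <app-id>` and passed to `audit_metadata`.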

    • @[email protected]OP
      7 months ago

      Bazzite - it’s part of the ublue family derived from fedora but with extras including extra drivers.

      Edit: you also get some immutable distros that don’t need flatpaks like nix os and guix. They are much more difficult to work with though.

      • @varsock
        17 months ago

        cool thanks.

        Well I’m glad to hear these things being worked on and worked out

        • @[email protected]OP
          17 months ago

          Yeah it seems to work well on my desktop with an AMD card. They have a variant for Asus laptops with Nvidia GPUs, so hopefully it will be easy to set up if I go that route. For now I am keeping Pop_OS! on my laptop as it seems fairly useful.