this post was submitted on 11 Sep 2024
844 points (98.2% liked)

196

16712 readers
3704 users here now

Be sure to follow the rule before you head out.

Rule: You must post before you leave.

^other^ ^rules^

founded 2 years ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] colin@lemmy.uninsane.org 1 points 3 months ago

troubleshooting sucks, and also, the default security model of desktop linux terrifies me. i legitimately don't understand how i can be running all this random code off the internet without being pwned. i figure i probably can't, and that it's really just a matter of time until something real bad happens.

i went down the "sandbox everything" rabbit hole, and 6 months later random stuff still pops up like "trying to connect to an IPv6 link-local address at this LAN party... wait why don't i have an IPv6 link-local address? i know IPv6 connectivity works fine when i'm at home." turns out those NetworkManager hardening patches i've been meaning to upstream forever break SLAAC, and now i'm too worried what other edge-cases they break to try pushing them upstream, and now i understand why distros all run these things as root with access to way more resources than they probably need 🫤