this post was submitted on 11 Feb 2024
13 points (93.3% liked)
Fedora Linux
292 readers
7 users here now
All about Fedora Linux
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
That isn't an issue at all. You can understand uBlue only as a framework, not distro.
It's just a "factory" to create custom downstream images automatically.
It's even mentioned (but not endorsed) by the Fedora team officially.
It's fully open source and you can view/ modify the changes easily yourself.
One of the main plus points is that the official Fedora Devs aren't allowed to ship certain things, like codecs, due to licensing. uBlue isn't official and thus is allowed to do that.
uBlue isn't some obscure fork that gets forgotten after a few months. It builds itself. For example, I know shit about anything and can't even code. BUT, I've made my own uBlue spin, so I'm a distro maintainer so to say, but I never have to do anything.
Just use that instead, there aren't any disadvantages (besides some nice to have optional apps, like calculator app, missing). That doesn't mean vanilla Silverblue isn't usable by any means of course.
You, and malicious actors, can still modify the system a bit and it isn't bullet proof. No software is.
You can still execute some scripts/ commands (e.g.
rpm-ostree install teamviewer && reboot
), give them sudo, and let someone steal your banking data.It's just harder and there are more stepping stones for hackers and co. to archive what they want.
For example, every deep change in the OS requires a reboot. You can chronologically list what has been changed the last times (just like on git) and revert those changes. And needing to reboot when you installed a free game somewhere is a bit sus.
You just can't modify the live system.
But yeah, it still should be somewhat more secure. As long as you don't run random shit from the internet (e.g. scripts) without looking first or practice other insecure things, you don't have to worry much.
Glad to hear! Did Reddit really go downhill so fast? Oof
That clears up my concerns and questions about both Silverblue and uBlue. Though it sounded convenient for my use case, I avoided uBlue as I thought it was a random fork that might not be reliable in the long term. I will be testing it to see if it works for me or if I can adapt to it. Thanks a lot!
I use uBlue and have never had an issue.
The great thing is that you can just rebase back to stock Silverblue at any time if you want to go back.
As I said, you can't view the uBlue images as forks per se.
It's more the result of a building script saying "Use the original Silverblue image, add this package, remove this package, rebuild" every day.
So the uBlue images aren't much older (less then a few hours normally, less then a day on major releases) then the upstream original versions.