khalil@beehaw.orgtoFree and Open Source Software@beehaw.org•GIMP - Development Update: Closing In on the 3.0 Release Candidate
2·
3 months agoI recommend watching this video: https://www.youtube.com/watch?v=qbKGw8MQ0i8
I recommend watching this video: https://www.youtube.com/watch?v=qbKGw8MQ0i8
AFAIK biometrics are only used to unlock the device’s keychain. So, in other words, it’s no different than using fingerprints to unlock your password manager (via the device’s keychain that has your actual password).
First and foremost, you are outright dismissing Flatpak, which accomplishes all of your goals pretty much, with a vague desire to use “plain old Linux” instead of a proper motivation. You should really stop and ask yourself, WHY not Flatpak? What do you actually want, and why is Flatpak not the answer to that?
I point this out first because then in the next paragraph you mention some tools such as Firejail. Which is attempting to do more or less the same as flatpak, but in a more crude/less polished form. And neither Flatpak or Firejail are “plain linux”, they’re just fancy wrappers around a whole bunch of actual “Linux features”, like namespaces, seccomp, cgroups, users, chroot, filesystem permissions, and other higher-level tools such as bubblewrap (in the case of flatpak).
So, do you want to learn the underlying primitives/underlying tooling? If so, start with users, filesystem permissions, and Linux namespaces and the other Linux features I’ve listed.
Or do you want to just deploy applications in a sandboxed environment? If so, use Flatpak/Firejail/Snap/Linux containers such as Podman or Docker, etc. Then manage permissions using Flatseal (in the case of flatpak), and you’re done.
You should stick with trusted sources such as TLDP, Redhat/Fedora docs, Archlinux Wiki, Gentoo Wiki, etc. For example, regarding users: