Programmer by day, burnt out by night.

  • 0 Posts
  • 528 Comments
Joined 2 years ago
Cake day: July 22nd, 2023



  • Shame they didn’t mention that Homebrew is a security nightmare and will happily download maliciously modified code

    That’s so true, I was missing this part! With Homebrew you’re at the mercy of whoever put the package out there, much like with installers (and Nix, to be fair)

    Edit: omg then the author claims Flatpak is better for security?!? It has the same nightmare security issues.

    LMAO no‽ Flatpaks can be verified, and you can choose not to install unverified flatpaks (which you should!) They are also containerised pretty well by default, in case they’re malicious!












  • Mainly memory safety; split (which is also used for other programs like sort) had a memory heap overflow issue last year to name one. The GNU Coreutils are well tested and very well written, the entire suite of programs has a CVE only once every few years from what I can see, but they do exist and most of those would be solved with a memory and type safe language.

    That said, Rust also handles parallelism and concurrency much better than C ever could, though most of these programs don’t really benefit from that or not much since they already handled this quite well, especially for C programs.







  • I’ve found it needed a lot of extra steps, plus fidgeting with the OSTree defeats some of the safety/stability of it all. Bazzite, at least, recommends against using OSTree blindly as that’s meant for sysconfig and recommends using Homebrew instead, as this lives in your user space and touches very little; but even installing libqalculate gives memory issues. Most things I attempted to install did, actually. The Ruby interpreter installed just fine, and was the only CLI program that installed just fine IIRC.

    Now, I feel like it’s less of a hassle to Just Use Mint®, especially since I’ve got it installed anyway.