openSUSE Linux<p><a href="https://fosstodon.org/tags/Leap" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Leap</span></a> 16.0 now defaults to <a href="https://fosstodon.org/tags/SELinux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SELinux</span></a>, <a href="https://fosstodon.org/tags/Myrlyn" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Myrlyn</span></a> + <a href="https://fosstodon.org/tags/Cockpit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cockpit</span></a> step in for <a href="https://fosstodon.org/tags/YaST" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>YaST</span></a>, & <a href="https://fosstodon.org/tags/zypper" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>zypper</span></a> has parallel <a href="https://fosstodon.org/tags/repo" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>repo</span></a> downloads. <a href="https://fosstodon.org/tags/Xfce" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Xfce</span></a> users on <a href="https://fosstodon.org/tags/Wayland" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Wayland</span></a> can enjoy greetd/gtkgreet instead of <a href="https://fosstodon.org/tags/LightDM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LightDM</span></a>—ideal for modern minimalists. <a href="https://news.opensuse.org/2025/08/04/leap-16-rc/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">news.opensuse.org/2025/08/04/l</span><span class="invisible">eap-16-rc/</span></a></p>
Administered by:
#selinux
1 post1 participant0 posts today
Just had my first disagreement with a coworker.
It was all about #SELinux.
Come to find out, the issue wasn't even about that.
A file was just missing.
I'm now sitting in my comfy chair trying to calm down.
@opensuse Tumbleweed rolling release moves from AppArmor to SELinux for its underlying security layer
https://www.linux-magazine.com/Online/News/openSUSE-Tumbleweed-Ditches-AppArmor-for-SELinux
#openSUSE #Tumbleweed #AppArmor #SELinux #Linux #OpenSource #distro #FOSS #security
I hope #SELinux improved its usability since the last time I had to literally invoke Cthulhu to make it work in a moderately sane basis.
https://9to5linux.com/opensuse-replaces-apparmor-with-selinux-on-new-tumbleweed-installations
openSUSE Mailing ListsAnnouncement: SELinux as default MAC system on new Tumbleweed installations - openSUSE FactoryHi all,
We would like to announce that with the next openSUSE Tumbleweed
snapshot 20250211 the default mandatory access control (MAC) system
selected by the installer will be switched from Ap……
Replied in thread
@kde@floss.social @kde@lemmy.kde.social
Thx for the info, then it is like that.
Here is the goal proposal
https://phabricator.kde.org/T17370
Tbh, #bubblewrap would need to be fixed drastically to be as secure as the #Android #sandbox. And (I am not sure yet) I think even #Snaps are more secure (on #Ubuntu with #Apparmor patches) than #Flatpak with the current system.
As far as I understood, sandboxing needs to happen in #userspace, with tools like #fuse doing the work while being restricted by #MAC like #SELinux or Apparmor.
phabricator.kde.org⚓ T17370 Sandbox all the things!