I pose this question to any Fedora devs and community members in the know.
Are the recent immutable distros, (put out by Fedora, Nitrux, Nix, Vanilla, etc) more vulnerable to Bad USB attacks due to the exclusion of usbguard from the APT repositories (Due to immutable distros only using appimage and Flatpak/Snap) ? And are immutable distros vulnerable due to additional software excluded from APT, such as fail2ban and Crowdsec ?? If yes, is it worth switching to ?
This is a Fedora forum. Fedora does not use APT. This is also not how “immutable” distros work. They all have regular system packages included, just composed in a different way.
Do you know how Fedora works?
This is a very big generalization, as the implementations are very different, and Fedora does not use APT.
And, you can install usbguard on Fedora Atomic Desktops.
You used the category “project discussion” which is used if you are a contributor or have concrete plans to contribute. Not if you have generalized questions, but that is no problem.
Actually I am new to Fedora. I recently tried out a couple of atomic Fedora versions, as well as others. I Do realize that you don’t use the APT manager, and I thought that there might be other repos for these packages for other distros other than Debian/Ubuntu. However all the documentation I have poured over so far about atomic/immutable distributions mentioned that they “only” use Appimages and Flatpaks/Snaps for packages. So if they are not in those repos from the graphical PM side, is it some compile cli side repo that must be aquired??
Also sorry if I am asking these questions in the wrong area. Again brand new here and it seemed as though this was the right forum. Happy to be directed to any general q&a forum you have.
Fedora changed all the conversations to a single forum, so these issues occur quite often. In the past, “discussion” and “ask” were separate forum instances, for project stuff and community/q&a stuff. It is costy and annoying, having both together is better.
As this is a pretty unspecific post, it matches the general tech talk and will likely be not very active, sorry for that.
Your other post fits in ask, and we can discuss the specific question there