Comment by pbmonster

4 days ago

I can conceive a couple of ways.

GrapheneOS-style sand-boxing for every app is long overdue in Linux. I'd love to have it's granular permissions for every single service. I'd love to have the battery management, the unified settings UI, the effortless disk encryption UX and key management.

Could you build it with SE Linux and a lot of glue? Yes, but nobody has. And doing it well, everywhere, would take a lot of hours.

9 comments

pbmonster

dlt713705 4 days ago

> the unified settings UI

You will never have a UI capable of encompassing all the settings available in Linux. You will only have a UI capable of configuring your desktop experience, which is just a small subset of the full Linux experience.

pbmonster 4 days ago
Is it unreasonable to ask "why not"? I like the state of Android's (as packaged by GrapheneOS) settings UI much better than any other settings system, period.
It's all in one place - I can't think of a single thing I would want to configure that isn't found in that one dialog. It doesn't always make sense, but it's searchable, and the search works.
- rs186 4 days ago
  
  Just imagine configuring nginx or apache with UI.
  
  3 replies →

pabs3 3 days ago

Take a look at QubesOS.

pbmonster 3 days ago

For Linux on x86, it's by far best in class.
Unfortunately, not even close to being as comfortable to use as GrapheneOS, and still significantly less secure than it - even if we completely disregard the sad situation of hardware security on x86 (but can't blame QubesOS for that one).

kangs 4 days ago

just run bazzite already