I am thinking about using distrobox. Since I am on debian I wont need it to install software I could otherwise not install. But I have some apps that require weired install scripts and I am thinking about using it as a security measurement. Do you think that is a good idea? Does that idea makes sense?

  • qaz@lemmy.worldEnglish
    61·
    1 day ago

    This is just incorrect

    …or containers, e.g. Docker/Podman

    Distrobox is a script that manages Docker/Podman containers

    What you are installing can cause damage so IMHO it’s more about keeping things manageable while having your actually important data…

    Programs are installed the container, not on the host system. When you break the container the host system is fine unless using rootful (or Docker) containers.

    …while having your actually important data (not programs, downloaded content, etc but rather things you did yourself, e.g. written documents, sketches, configuration files, prototypes, photos, etc) safe…

    Using Distrobox does NOT keep your own files safe, it actually mounts your home directory and external USB drives inside the containers by default fully exposing your documents to whatever you install inside.

    From the documentation:

    Isolation and sandboxing are not the main aims of the project, on the contrary it aims to tightly integrate the container with the host. The container will have complete access to your home, pen drive, and so on, so do not expect it to be highly sandboxed like a plain docker/podman container or a Flatpak.

    • utopiah@lemmy.ml
      2·
      22 hours ago

      Yeah I don’t think you’re addressing what I wrote, you’re mixing up my suggestion (to clarify the important part is “or”) with DistroBox then more general comments. Might be that I wrote it unclearly but anyway it wasn’t what I was saying.