• carzian@lemmy.ml
    link
    fedilink
    arrow-up
    11
    arrow-down
    1
    ·
    6 months ago

    I had no idea that (open)SUSE was so security minded in their packaging. It makes sense in retrospec. It sucks they didn’t catch this earlier, but this response makes me happy to use tumbleweed

    • barryamelton@lemmy.world
      link
      fedilink
      arrow-up
      2
      arrow-down
      6
      ·
      6 months ago

      Barring Arch, and boutique distros, other distros normally have even better packaging standards than opensuse. By far.

      • Pirata@lemm.ee
        link
        fedilink
        arrow-up
        7
        arrow-down
        2
        ·
        6 months ago

        No they don’t. OpenSUSE, especially tumbleweed, is way more security-focused than other distros.

        It’s a very low-trust default install, and it takes some work to get things through the firewall. Compare that to Fedora where every port above 2025 is open by default.

        • barryamelton@lemmy.world
          link
          fedilink
          arrow-up
          4
          ·
          edit-2
          6 months ago

          that is orthogonal with packaging standards, packaging security, and packaging policy violations…

          Compare this: https://www.debian.org/doc/debian-policy/

          With this single page: https://en.opensuse.org/openSUSE:Packaging_guidelines

          In case you think “but those policies are not needed, they are superfluous” (like some Arch devs). They are not. Packagers send their fixes upstream, and then, other distros, with lower standards, consume the already fixed upstream releases, and sometimes pretend that this work was not needed nor present, not realizing that all distros benefit from it even if your policies are more relaxed.

          There’s a reason why the Deepin Desktop Environment was never part of Debian, and only available via their own ppa repositories, even if the Deepin distro is based in Debian.