Ok. I guess I never noticed because I actively don’t like any of those features and I definitely don’t want Discord to have unrestricted filesystem access. The file picker in Vesktop works for me without giving full access.

What features? Discord was working perfect for me on a custom client (Vesktop) but is broken now because they hate me using a VPN.

I think is very dependent on the apps you install because i haven’t need to do really any workarounds and i install all my apps through Flatpak. The only messing around with permissions i do is disabling everything that i dont need (like printer or smartcard access). I also have over a hundred apps installed.

While I agree snapper (what CachyOS uses) I very useful, it is important to draw a distinction between snapshots (snapper) and a proper backup tool (borg or restic). Snapshots are usually stored on the same drive, so in the event of a drive failure/corruption you are still very fucked. Proper backup programs also have other important features, like the ability to select remote locations, setup encryption, etc. DO NOT rely on snapper to (always) save your ass.

That being said, I fucking love snapper and it was the main feature I was missing from openSUSE.

Chimera Linux uses musl libc, Void Linux has the option of musl libc, and of course Alpine uses musl libc.

Wydm? Rockchip copied their code, changed the license and didnt attribute FFmpeg. FFmpeg is a small team of enthusiasts who are responsible for plenty of important innovation and remain largely unpaid even with such substantial widespread use of their code in like SOOOO MANY big software projects. It isn’t their fault that people aren’t following the simple rules of the license to use their code.

I tried Waterfox and didnt really get it? Why use it over for example Zen or Librewolf? It just seemed way to close to Firefox but like with a couple of preinstalled extensions. Idk, just wasn’t for me.

My browser(s) is just a tool. I use many browsers for different things. I wish there were good alternatives to the main browser engines (Gecko, Blink, WebKit), but I am fine with just using good derivative browsers like Librewolf, Mullvad, Cromite, etc.

Waterfox is Gecko. I still agree with the comment that mentions it is written by a right-winger. I rather root for Servo, especially because Ladybird is just another web engine written C. Memory safety vulnerabilities are the largest represented class of vulnerabilities discovered every year. Servo being fully written in Rust is a good thing for its security, as long as they also design a strong sandboxing/isolation strategy on all OS platforms.

It is only going to be disabled-by-default

Does Slackware not having rolling releases for packages. I legit know nothing about Slackware other than it isnt for me.

Security and bug fixes have made Plasma 6 run better for me. Wayland support is better now too (which matters to me). Minor features that improve usability. Newer kernel means i can use newer features, which some of the apps I use depend on. The main thing with your setup I was surprised about is that it isn’t an LTS kernel (from what I can tell). If you are just not updating and not using LTS software (i can’t tell), then you are missing plenty of security fixes.

Why are you using KDE5 and an old kernel, and not just having updated software?

The permission OP should look for is DRI.

I actually really like GNOME and haven’t had problems yet with extensions. I have it the way I like it, and no matter what I do, I haven’t found features that are half-implemented or broken like on KDE (eg. theme search missing/hiding 90% of themes, desktop effects broken after install, weird crashes, freezing when accessing system apps or app menu). I think Qt is ugly (personal preference) and I prefer libadwaita GTK4 apps for their stability. People are going to hate, but there is no such thing as a perfect project that fits everyone’s needs. I am not saying GNOME is perfect or that it isnt opinionated (i wish app status indicators were supported, ability to modify Flatpak app permission in the system settings, and support for dock/panel), but GNOME is solid and (dare I say it) is a good DE.

Btw I love KDE and it is the DE i am currently using. I also love GNOME. There aren’t really any DEs I hate except maybe Deepin. Any DE that doesn’t support Wayland (or doesn’t plan on it) is not something thst I ever plan on using because security and stability are BIG requirements for me, I don’t like technical debt or legacy cruft.

As I mentioned, most security vulnerabilities are not reported because it may not seem security related. The distro maintainers can’t keep up with every package and read all the commits, so as a result security fixes often go unfocused. It is a real big problem that many security researchers acknowledged.

I still would never recommend a “stable release” or LTS distro because the vast majority of security vulnerabilities never receive a CVE, and as a result the a large amount of vulnerabilities go unpatched for months. Also I like distros that take security seriously (Fedora and openSUSE).

It has to do with LTS kernel (iirc) making it incompatible with certain new(er) hardware. I recommend Fedora KDE.

Why is it better? KDE has more features and first-class Wayland support. If I wanted an X11 DE, I would choose XFCE because of its general clean code and performance.

Redox is UNIX-like, not a BSD flavor. The kernel, init, userland, etc. aren’t BSD related.

You don’t have to sandbox he browser with Bubblejail if you don’t want. I was only suggesting it and providing instructions in case you wanted an extra layer of isolation.