Aeon is using SELinux.
There is no release date, and it doesn’t really matter because the system is rock solid and you will not have to reinstall when Aeon is “released.”
Thanks for everyone’s input.
I’m going to try out Secureblue as per @Anon47486929 's recommendation. If I find myself struggling with it after a week or two then I’ll consider something more mainstream like Mint as per @null 's advice.
One other question regarding the chromium browser in SB. Would it be recommended to use any extensions such as ublock / privacy badger / decentraleyes etc etc. If it makes a difference, my router already has adguard home on it with some filtering lists.
1 Like
You could install uBO Lite.
4 Likes
I completely agree, but the OP is not using it as their daily driver, and just for internet browsing and saving files. I’d immediately suggest openSUSE Aeon which perfectly fits into that category. However, since they asked about SecureBlue, I thought Brace would be a fine choice, since SecureBlue requires configuration.
As far as I can see in the Linux world, there is not a consensus on how browsers should be installed on a system, and as a consequence there is a divergence of practices. At the center of this issue is the question of whether the security features of the browsers are compromised.
Firefox and Brave browsers have official flatpak packages. On the other hand, there are reasonable arguments that their flatpak packages reduce or remove their security features. So why do the developers of those browsers release official flatpak packages? Either they don’t mind sacrificing security, or there are things that are not as important as claimed.
openSUSE Aeon recommended here includes Firefox’s flatpak package.
Let’s say we installed the browsers with the traditional package types and source tar files, SELinux does not contain policies restricting user applications. Tor and Mullvad browsers are also recommended to be installed directly from the source archive, so they will also have unrestricted access to sensitive files etc. on the system.
So how can immutable -and traditional- distributions be secure to use browsers?
I understand that Linux security doesn’t even come remotely close to Android’s, so I threat model accordingly and don’t care if flatpak versions are less secure.
I don’t even log in to my password manager on my PC, that’s how much I trust desktop OSs.
3 Likes
Except the ones that degoogle it. Because being spied on by Google and the government means you’re more secure. That’s where I noped out of it.
Ok so I’ve installed SB, followed the pre-install recommendations, and rebased as per the readme.
For the post install it says " After installation, yafti will open. Make sure to follow the steps listed carefully and read the directions closely."
Does anyone know if that was the screen that popped up that said welcome to Secureblue? I accidentally closed that window and now I’m not sure how to get it back up to follow the steps.
Otherwise all went smoothly 
Thanks
Yes, that window you saw was yafti. run ujust rerun-yafti to access it.
Thanks for the replies @Anon47486929 @Lukas
I know these details because they are talked about on the link I posted.
I don’t know, but I think the developers should have informed the users about these things.
Well, on secureblue hardened chromium or other browsers that users install are restricted by SELinux or not?
Wow, I think you should make it clear in future Aeon recommendations that you don’t trust it enough to even be logged into your password manager. 
The same goes for Windows and any other Linux distribution. MacOS is the only mainstream desktop OS that I would trust and log in to my password manager.
No offense, but that was not the only link I posted.
Actually, I am aware of that, but we know that they have been working on the userspace confinement for some time. Secureblue - Immutable Fedora Hardening - #62 by qoijjj
Yes, I have already commented on this in the secureblue thread.
Eventually secureblue users will want to use other browsers. There’s a general recommendation in the secureblue you suggested to use bubblejail only if the flatpak package of the applications is not going to be installed. There is no mention of whether the hardened chromium browser uses bubblejail or not, nor whether it is necessary for browsers. If there is something missing here, it might be worth mentioning it.
On that note, I chose the non userns version, which I know talked about bubblewrap. Does this mean bubblewrap will still work with flatpaks?
The reason I ask is because my browser of choice has been Librewolf and ideally I’d like to stay with it, but I’m guessing Chromium has been chosen in SB for a reason, so is it a bad idea to use Flatpak Librewolf instead of the bundled Chromium? I don’t really mind Chromium, I just like the familiarity of what I’m used to.
Thanks
Amazing, thank you!
We just shipped built-in content blocking using the same method GrapheneOS’s Vanadium uses (chromium’s subresource filter).
You can always install UBO-lite if you find it lacking (some ads will still show like youtube ads, unfortunately. which is also the case on Vanadium).
1 Like
Either they don’t mind sacrificing security, or there are things that are not as important as claimed.
The former. Brave in particular. For example they have also opted to retain MV2 support. They are willing to sacrifice security for convenience / “privacy”.
So how can immutable -and traditional- distributions be secure to use browsers?
The lack of userspace confinement for desktop linux apps is a fundamental flaw in desktop linux security. It’s not specific to browsers. The problem with browsers is that you unfortunately have to choose between:
- a weak sandbox for chromium itself that also unfortunately breaks the browser’s robust internal sandboxing
- no sandboxing for chromium but preserving chromium’s robust internal sandboxing
#1 seems like a terrible idea, #2 is less than ideal but highly preferable.
1 Like
We don’t exclude any vanadium patches that are relevant to the desktop. Please do not spread misinformation about secureblue
Librewolf might not last much longer, unfortunately.
Native packages and Snaps are fine. Flatpaks not. Flatpaks block the namespace+chroot/pivot_root sandbox layer.
Brave recommends against using their own Flatpak version:
Modern browsers have a multi-process architecture, with sandboxing around the important processes, for example renderer sandboxes, gpu sandbox, extension sandbox and so on. This way you can make these sandboxes much more tailored and thus stricter than you would be able to do around the browser as whole.
Install them not as a flatpak. That’s independent of distros and doable on immutable ones, too.
@sha123 You have already expressed these views in the hyperlinked threads I have attached to my posts and more. I have benefited a lot from your views in the past months, and you have helped me to search for more accurate information in other sources. I thank you for that.
Since this thread is more focused on distributions based on Fedora, I wanted to know if other browsers installed from traditional packages should be restricted by tools like bubblejail, firejail. As we can see the OP is considering using a browser based on Firefox not hardened Chromium.
By the way they wrote the same thing for the official snap package:
You can find Brave in the Snapcraft Store, but while it is maintained by Brave Software, it is not yet working as well as our native packages. We currently recommend that users who are able to use our official package repositories do so instead of using the Snap.