Does anyone know of a hosting service that offers Silverblue as a possible choice for OS?

It seems to me that for a server running only docker services the greatly reduced attack surface of an immutable distro presents a definitive advantage.

  • @myersguyA
    link
    English
    24 months ago

    Someone with root can run ostree admin unlock --hotfix to make /usr writable. Someone with root can also delete all restore points.

    It would be strange for them to call it that if it actually means “completely irrelevant from a security perspective”.

    See the comment by superkret.

    • @asap@lemmy.world
      link
      fedilink
      English
      14 months ago

      While you are correct, any system is compromised if you have root, so isn’t that irrelevant at that point?

      • @myersguyA
        link
        English
        1
        edit-2
        4 months ago

        While you are correct, any system is compromised if you have root, so isn’t that irrelevant at that point?

        The original context for the comment chain was:

        Because even if an attacker could gain access even as root he cannot modify system files.

        So no, it’s completely relevant.

        • @asap@lemmy.world
          link
          fedilink
          English
          14 months ago

          My comment in the comment chain was:

          An attacker escaping from a container can’t be system root as Podman runs rootless (without some other exploit or weak password).

          We could give the op the benefit of the doubt and thinking that they were saying that the attacker inside the container managed to gain root inside the container.

          • @myersguyA
            link
            English
            24 months ago

            Your comment also contained

            The filesystem itself is also read-only.

            Which is what led to the further discussion of root making that not so.

            I don’t believe that to be the intent of the OP’s comment, given their second sentence, but they are welcome to state otherwise. I just don’t want them thinking that an immutable distribution gives them some kind of bulletproof security that it doesn’t.

            • @asap@lemmy.world
              link
              fedilink
              English
              14 months ago

              Very true. The discussion helped me, as I did think it meant not easily editable.

              As root of course you can change the system to be any other type of system (layer packages, rebase, whatever), but I did assume it meant not easily modifiable in it’s current state.

    • @aordogvan@lemmy.worldOP
      link
      fedilink
      English
      1
      edit-2
      4 months ago

      While what you’re saying is theoretically true, don’t forget that as far as I know, most attacks are perpetrated by bots. And while it is true that in a fedora based version one could run ostree admin unlock etc… this particular command would need to be included in the attack script.

      Now if the script has to be modified to include all possible different immutable systems that could possibly run it would increase the complexity and most importantly the size of said script making it easier to detect.

      I’m not saying that its a bulletproof method, I’m just saying that by itself it greatly minimizes the risk, at least until all servers run immutable systems. And even then it still complicates matters for potential attackers quite a bit. So therefore reducing or at least greatly minimizing the potential of the system being compromised.

      • @myersguyA
        link
        English
        14 months ago

        Because even if an attacker could gain access even as root he cannot modify system files.

        Your comment was already from the position of if an attacker could gain root access. My responses were to that directly, and nothing else.