It provides a safety net by pooling the resources of the community to support the less fortunate. This prevents people from having to sacrifice their long term goals because their short term needs may not be otherwise met.

Also in contrast to capitalism that treats society as a zero sum game (“I can’t get ahead unless I take something from someone else”) socialism is a benefit multiplier (“I’m part of the community. By making the life of everyone in the community better I’m also improving my own life”).

They are really good at providing examples for why civilized society needs socialism.

Consistency with their previous default desktop environment, Unity.

Arch: I need reproducible setups. Also bleeding edge is not for me.

I have to give credit to their documentation though!

What put me off selinux is that the officially documented way of generating a new policy is to run a service unconfined, and then generating the policy from its behaviour. This is backwards on so many levels… In contrast policy-based admission control in kubernetes is a delight to use, and creating new policies is actually doable outside of a lab.

Using containers from public registries is no worse than using third party software. In both cases there’s a risk of malicious code. The big difference is that for containers you can scan the image before running it, SBOMs are becoming ubiquitous so dependency vulnerabilities are easier to detect, and runtime protection software is more effective on containers because each container has a deterministic expected behaviour, making it easier to find deviations. I’d much rather manage runtime controls for containers than craft selinux policies.

The bottom line (which the OP article misses) is that while individual container configurations require more effort to set up the additional work to manage them at scale is low, whereas compliance for host based installs is requiring more and more effort. In fact given how popular curl | sh ... is becoming for host based installs I’d argue that they are regressing in terms of safety and reproducibility.

Take a machine with Linux preinstalled. Will it run Linux without problems? Yeah, of course.

Take a machine with Windows preinstalled. Will it run Linux without problems? Check the list.

Many much housen.

Configure port forwarding for the VM.

Selection buffer.

Unless you mean clipboard manager, in which case it’ll depend on your desktop environment.