There are a few obvious security implications with the rise of containerized packaging. One of the first is the move away from true centralized, least trust packaging. With traditional packages, you are trusting your distro maintainer (be it Debian, Canonical, Red Hat, Arch, SUSE, etc.) to provide patched versions of software from their trusted repository mirrors to your computer. This does a few things like limiting the number of places that you need to download software binaries from, as well as having other potential benefits like checksum validation on downloaded packages.
Most containerized package platforms including Docker, Snap and Flatpak tend to have a centralized set of repository mirrors, but anyone may compile and publish their own software to it. Flatpak is kind of the exception to this. Some distros (e.g. Fedora) publish their own sets of repos with Flatpak packages. This is because Flatpak allows for more than one source repo for packages. I do believe Docker and Podman allow for the same as well. Snap infamously doesn't allow any repos other than Canonical's proprietary community repo.
Most of these containerized package solutions also offer varying levels of sandboxing, which is a good set of security features that could benefit individual hosts from potentially vulnerable software. One could argue that flatpaking Firefox or other browsers and jailing them to limited capabilities and filesystem access is a good thing given the potential for malware propagation through such applications.
In particular though, most containerized solutions aren't generally hated by online user communities except Snap, which has both been among the most restrictive as well as furthest behind in features, performance parity, and general user experience. Snap was for the longest time significantly far behind Flatpak for user land applications and still wouldn't be my first choice for server applications compared to Podman or Docker due to just not being nearly as flexible as the other two.
The performance of the platforms can vary compared to native. For the desktop-oriented platforms (Snap, Flatpak) they generally perform insignificantly different from native packages, although Snap packages that are built compressed have had horrific IO performance for the loading of package files (leading to atrociously slow startup times of applications in the past). This is supposedly better now, though I have no intention of installing Snapd to find out.
As a note for culture, people particularly also dislike Snap because of how badly Ubuntu (Canonical's Linux distro) is depending on it, including having Snap automatically reinstall after removal and dropping many packages from apt only to throw redirects in to pull the snap package when requested from apt. This is why de-snapped derivatives of Ubuntu are also popular.
As for package sizes, they tend to be a bit bigger than native, as well as the added cost of a second set of libraries. Many users online don't get the 'why' when their first package from Flatpak is nearly a 3 GiB download, even though the following packages will hardly be any different in size from native packages. In a way, these packaging solutions do remove an advantage of the singular set of libraries. If you use netbooks, SBCs, IoT devices, or other similar minimal storage devices, you might feel this impact. However, most systems will only have a marginal increase of storage utilization overall from a second set of libraries being installed.
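The sandboxing point above depends on what a given Flatpak package is actually allowed to do, so here is an added example (not part of the original comment) that audits a package's declared permissions for grants that weaken the jail. It assumes the keyfile format printed by `flatpak info --show-metadata <app-id>`; the app name `org.example.Browser`, the sample metadata and the rule set are constructed for illustration.

```python
import configparser

# Constructed sample in the keyfile format printed by
# `flatpak info --show-metadata <app-id>`; not taken from a real package.
SAMPLE_METADATA = """\
[Application]
name=org.example.Browser

[Context]
shared=network;ipc;
sockets=x11;wayland;pulseaudio;
devices=all;
filesystems=host;xdg-download;~/Documents:ro;

[Session Bus Policy]
org.freedesktop.Notifications=talk
org.freedesktop.Flatpak=talk
"""

# Filesystem grants that expose most of the host or the whole home directory.
BROAD_FS = {"host", "host-os", "host-etc", "home"}

def audit_permissions(metadata_text):
    """Return (key, value, reason) findings for grants that weaken the sandbox."""
    cp = configparser.ConfigParser(delimiters=("=",), interpolation=None)
    cp.optionxform = str  # keep D-Bus names case-sensitive
    cp.read_string(metadata_text)

    def items(section, key):
        # Values are ';'-separated; a leading '!' marks a revoked grant.
        raw = cp.get(section, key, fallback="")
        return [v for v in raw.split(";") if v and not v.startswith("!")]

    findings = []
    for entry in items("Context", "filesystems"):
        path, _, mode = entry.partition(":")
        if path in BROAD_FS:
            access = "read-only" if mode == "ro" else "read-write"
            findings.append(("filesystems", entry, f"{access} access to {path} files"))
    if "all" in items("Context", "devices"):
        findings.append(("devices", "all", "every device node is visible"))
    if "x11" in items("Context", "sockets"):
        findings.append(("sockets", "x11", "X11 does not isolate clients from each other"))
    if cp.has_section("Session Bus Policy"):
        for name, policy in cp.items("Session Bus Policy"):
            if name == "org.freedesktop.Flatpak" and policy in ("talk", "own"):
                findings.append(("session-bus", name, "can ask the host to run commands"))
    return findings
```

An empty result means none of these broad grants are declared; it does not prove the package is safe, only that the sandbox is not opened up in these particular ways.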
What we all know is these types of bigots are on the outs. Shame the fuck out of them, they don’t do anything positive for your communities. They are wildly thrashing (with seemingly powerful national voices). They will never completely go away but they are reacting to a change in the norms that’s been coming for decades.
[Question] Why does everyone seem to dislike containerized packages? ( kbin.social )