[totallywrong]

> I don't think OS becomes any less vulnerable than usual Linux/Windows installation.

A modern Linux with SELinux enabled (the default in e.g. Fedora) running apps inside rootless containers (Podman doesn’t even need a daemon) is likely much more secure than your default MacOS or Windows.

[fkgmeqnb]

If you're talking about desktop use, not really. All the software in a default Fedora desktop install, runs as unconfined by SELinux policies.

Where SELinux really shines is in server installs.

[brabel]

I think you're probably @totallywrong

[anthk]

TBH, Fedora Silverblue with the parent commenter's approach it's far more secure.

[totallywrong]

Well Linux powers just about all the most important systems in the world and SELinux was originally developed by the NSA, but I'd love to get your insights.