13
Bazzite Auto Updates (sh.itjust.works)
submitted 1 week ago* (last edited 1 week ago) by dogs0n@sh.itjust.works to c/linux@lemmy.world

Hello good people.

Is no one afraid of Bazzites auto updating nature (in regard to privacy/malware)?

I am myself worried about the potential for well timed supply chain attacks from wherever they build their OS images, which somehow build malicious images or just gets itself into the normal image builds and we auto update to.

Is this an unfounded worry? Does anyone know of the security measures in place to prevent attacks?

Auto update just feels weird to me, especially for something like my OS. I'm asking because I went and installed it and realised auto updating seems to be their philosophy... which is scary?

p.s. i couldnt find anyone online discussing this

Thonks

you are viewing a single comment's thread
view the rest of the comments
[-] LostWanderer@fedia.io 5 points 1 week ago

It's unlikely that anyone could really leverage a vulnerability within the Bazzite OS Build updates and sneak something malicious in there...That is the reason why nobody is really talking about it. Some of the measures used are discussed at the link that I put here.

There is always a slim chance of it happening though; I am sure that people understand the reality of supply chain attacks and know when a malicious actor is determined enough, they'd find a way. If this concerns you so much, wouldn't it be wiser to use a distro that doesn't automatically update? One that simply checks for them and allows you to decide if or when you'd like to?

A healthy amount of caution is just right for anything OS related, but, you seem a bit too worried about it.

[-] dogs0n@sh.itjust.works 2 points 1 week ago

Thanks. I guess since I installed it fully before finding this out, I was looking for if was a silly worry to have or not before starting again with another distro.

I suppose I'll just let it stew in my noggin before deciding if the slight extra peace of mind is worth it, even though I have disabled auto updates with their hacky (unsupported) method of marking my connection as metered (who knows if thats reliable since its unsupported).

[-] LostWanderer@fedia.io 2 points 1 week ago

Yeah, that is why I read everything before deciding on installing anything. As a user, if you trust a distro enough to install it directly, you have to be aware of all it's features first. Yeah, personally I wouldn't keep an unsupported feature enabled for any length of time, that is just asking for a preventable breakage (though easier to rollback with Bazzite or any distro with Snapshots).

If it does bother you enough, it might warrant a distro change...I still say it's not a huge deal. The atomic nature of Bazzite is one of its greatest strengths as there are inherent security advantages. Nothing is absolutely immune to cyberattacks or malware (as there are numerous paths to exploit) but immutable distros are a good and solid thing!

this post was submitted on 24 Jun 2026
13 points (88.2% liked)

Linux

18033 readers
14 users here now

Welcome to c/linux!

Welcome to our thriving Linux community! Whether you're a seasoned Linux enthusiast or just starting your journey, we're excited to have you here. Explore, learn, and collaborate with like-minded individuals who share a passion for open-source software and the endless possibilities it offers. Together, let's dive into the world of Linux and embrace the power of freedom, customization, and innovation. Enjoy your stay and feel free to join the vibrant discussions that await you!

Rules:

  1. Stay on topic: Posts and discussions should be related to Linux, open source software, and related technologies.

  2. Be respectful: Treat fellow community members with respect and courtesy.

  3. Quality over quantity: Share informative and thought-provoking content.

  4. No spam or self-promotion: Avoid excessive self-promotion or spamming.

  5. No NSFW adult content

  6. Follow general lemmy guidelines.

founded 3 years ago
MODERATORS