#Fedora #Silverblue provides an immutable root system where all userspace software is either installed to Flatpak or containers.

This has numerous benefits:

1. Very difficult to brick your system, allowing you to maintain/evolve your desktop #linux setup over years.

2. There is an entire class of malware that relies on subverting the root filesystem and implanting itself as a super process. This is not possible with Silverblue.

3. Flatpaks are sandboxed and their permissions can be clamped down with Flatseal.

4. For the few packages that require system root, Silverblue lets you update the root system in a transactional manner using `ostree`; this will create a new immutable boot partition that can easily be rolled back. I install OpenSnitch, Mullvad, and rkhunter in the root system. Everything else goes to userspace.

This is the way.