You can achieve roughly the same by writing down the SHA256 hash the first time you download and then comparing when you download the next time.
But, yeah, while I do not like submodules, for vendoring stuff it seems a reasonable approach. There's also https://github.com/fosskers/vend if you lean that way.
It's just incomplete and very early days for landlock.
Landlock requires you to commit upfront to what is "deny-default"ed but they only added a control for TCP socket bind and nothing else. So you can "default-deny" tcp bind but all the other socket paths in the kernel are not guarded by landlock. It tries really hard to have the commit of features be an integral part of the landlock API so that you can have an application able to run on multiple kernel versions that support different parts of the landlock spec. But that means that as they develop the API the older versions of landlock need to be less restrictive than newer versions otherwise programs dont work across kernel versions.
That way, a program that is very restrictive on say kernel 6.30 can also run on kernel 6.1 with less restrictions. The program keeps functioning the same way (never break userspace). The only way to do that is to have the developer tell what parts need to be restricted explicitly and you can't restrict what isn't implemented yet.
There's always a lot of caution and review that goes into a new syscall feature, because once you add a feature, there's no takebacks. All the libraries downstream from landlock rely on the kernel API being good.
There is an ongoing patch series for udp and another one for general socket control.
You can read about it on the linux-security-module mailing list.
Basically UDP is harder to hook into because it's a connectionless protocol. So bind and connect don't really work the same way.
I have it bound to a mouse button. Something to try! Also I have "enter" bound to another mouse button. I hold down one to talk, then when it's done transcribing I press enter. I use an MMO Mouse, the $50 Corsair Scimitar.
Seems like the app stores could just seperate into App Store Recommended and Community apps. Then you keep both but the app store vetted ones are top always.
In fact, when I saw the new logo, the first thing that came to my mind was Brigadier General Jack D. Ripper in Dr. Strangelove saying "I deny them my essence."
Seems like i should be concerned that the company running our edge infastructure decided to expand into crypto...how is this not the signal to jump ship...
Each profile in GrapheneOS is encrypted separately, and switching profiles require entering a PIN (plus additional biometric methods if you set them up for that profile) before the data is decrypted and accessible.
So yes, you can hand the phone over to a friend or family, and they cannot get to any other user profile. Or you can set up a separate profile just for them, and they will have their own isolated set of apps - something like a separate user account on a desktop PC. And if only they know the PIN for their profile and you don't, they can keep secrets from you on that profile.
