Isn’t supporting 32-bit apps on a 64-bit OS a security concern though? I thought that’s why some linux distros were disabling 32-bit repositories by default on their 64-bit versions
Distros are shutting down system 32bit repos, because they require effort to be maintained: people who patch possible security holes, and people who test and package them. As most people have switched to 64bit systems, developers are no longer maintaining 32bit versions, no longer patching them, and barely anybody cares to check or run them, so any possible security flaws can slip through.
This is all irrelevant if you run stuff in a VM, or a container: so it has a security flaw? Cool, let it get… nothing, it’s contained.
Games running in a contained Wine, or in a OS container, can have all the security flaws they want, who cares. Games also rarely get security patches, or any kind of patches at all, so running them contained should be standard practice anyway.
Thanks for the explanation! I didn’t realize it was mostly a maintenance limitation, I thought maybe 32-bit instructions could be an extra attack vector on a physical CPU instruction level or something like that.
Isn’t supporting 32-bit apps on a 64-bit OS a security concern though? I thought that’s why some linux distros were disabling 32-bit repositories by default on their 64-bit versions
Not by itself.
Distros are shutting down system 32bit repos, because they require effort to be maintained: people who patch possible security holes, and people who test and package them. As most people have switched to 64bit systems, developers are no longer maintaining 32bit versions, no longer patching them, and barely anybody cares to check or run them, so any possible security flaws can slip through.
This is all irrelevant if you run stuff in a VM, or a container: so it has a security flaw? Cool, let it get… nothing, it’s contained.
Games running in a contained Wine, or in a OS container, can have all the security flaws they want, who cares. Games also rarely get security patches, or any kind of patches at all, so running them contained should be standard practice anyway.
Removed by mod
Thanks for the explanation! I didn’t realize it was mostly a maintenance limitation, I thought maybe 32-bit instructions could be an extra attack vector on a physical CPU instruction level or something like that.