tsuguI respect people who don't like snaps, but Canonical will not abandon a successful project
corsicanguppyFormer Unix security chief.
Do not use snaps. Risky as hell.
Why? I’ve heard this for years at this point, but as someone who rarely uses snaps because they’re the only convenient option for software I’m using, I’m generally ambivalent about them.
People seem to hold really strong opinions about snap but I’ve never been able to get a straight answer, just a bunch of hand waving.
Mainly the snap softwar3softwar doesnt let you configure a secondary source, and ubuntu’s repo doesn’t have a good track record of not providing malware.
forum.level1techs.com/t/…/208817
bleepingcomputer.com/…/ubuntu-command-not-found-t…
linuxuprising.com/…/malware-found-in-ubuntu-snap-…
Malware in the snap store (again)
It’s funny, I’ve been running fedora for the better part of a decade but recently migrated to debian because I guess I’m getting old and conservative and value stability and simplicity (apparmor vs selinux in userspace) a lot more. As with debian, sometimes the apps you need aren’t in the main repos, so you usually just install them via flatpak and call it a day. Thing is a lot of flatpaks, altho vetted by flathub volunteers, are just wrappers that are not made by the official developers which...
So that’s admittedly not a good look for canonical, but my read of that is that if you’re getting widely-known software from a developer who’s publishing it to snap themselves, and you’re cautious about your usage, snap is fine.
For example, essentially my only use of snap is to install certbot. If I follow the directions from certbot.eff.org precisely, then I’ll get certbot installed and no issues.
I certainly agree that (a) the system is ripe for abuse and (b) should be self-hostable to support Free software. Both of these could be fixed by canonical opening it up.