Question about Snaps
Peter Silva
peter at bsqt.homeip.net
Sat Oct 8 22:25:54 UTC 2016
I don't think snaps are a mess, it is just different, putting the onus
on security patches on the snap maintainers, rather than the distro.
It means there will be a heck of a lot of new versions of packages...
every packager needs to keep up with security issues in the underlying
OS.
So whenever someone has an update to, say libc, every single snap
needs to be updated, because none of them use the system-wide one.
Instead of (or likely in addition to) patching the libc for the base
OS, you need to patch the libc in all the snaps. For an admin, it
means stuff won't break as much, because no-one is using your
libraries anyways, but as others have stated, when the admin has
patched, it doesn't mean the vulnerability is addressed, have to track
each vulnerability for each snap.
As an admin type person, I don't see snaps as worth the hassle, and
likely a lot more bytes required to patch whole systems. OTOH, I
could see it making life easier for devs, who will know exactly what
version of each library they use is being used, reducing the size of
the support matrix to the versions they used to build the snap.
On Sat, Oct 8, 2016 at 5:42 PM, Ralf Mardorf <silver.bullet at zoho.com> wrote:
> On Sat, 8 Oct 2016 23:41:24 +0200, Ralf Mardorf wrote:
>>On Sat, 08 Oct 2016 16:37:43 -0500, Chris wrote:
>>>Not only that but if you have to remove an app this guarantees that
>>>it's completely removed.
>>
>>"apt purge <package>" doesn't the same?
>
> followed by
>
> apt autoremove
>
>
> --
> ubuntu-users mailing list
> ubuntu-users at lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
More information about the ubuntu-users
mailing list