Snaps & flatpacks
Ralf Mardorf
kde.lists at yahoo.com
Mon Sep 7 16:52:21 UTC 2020
On Mon, 7 Sep 2020 18:46:47 +0200, Ralf Mardorf wrote:
>On Mon, 7 Sep 2020 17:19:44 +0200, Ralf Mardorf wrote:
>>A lot of reasons, such as security issues.
>
>PS:
>
>https://wiki.ubuntu.com/SecurityTeam
>
>Are other and I'm mistaken? Does the Ubuntu security team grant the
>same quality of security for snaps, as it does for regular DEBs from
>security supported repos?
>
>Just running software in a container doesn't make this software
>necessarily secure, if no team does audit the snaps.
>
>All major distros have got security policies and teams that do their
>best to keep packages secure. Some distros even provide auditing tools,
>helping users to check their "regular" packages.
PPS:
"How will support for Ubuntu Core be provided?
Ubuntu Core 15 security updates will be provided via its PPA
overlay only. Ubuntu Core 16 inherits security updates from Ubuntu
16.04. Ubuntu Core 16 snaps are automatically refreshed via the
snap automated update mechanism." -
https://wiki.ubuntu.com/SecurityTeam/FAQ#Official%20Support
"Because classic confinement snaps run without restrictions, use of
classic confinement effectively grants device ownership to the snap.
Due to the sensitive nature of classic confinement:
users must specify --classic when using snap install to install a
snap using classic confinement the review process in the snap store
will flag for human review snaps that specify classic confinement
the store provides a mechanism for the reviewer to allow classic
confinement to the snap so that subsequent uploads do not trigger
human review the publisher shall be vetted using the processes in
this topic before classic confinement is granted by the store" -
https://forum.snapcraft.io/t/process-for-reviewing-classic-confinement-snaps/1460
More information about the ubuntu-users
mailing list