this post was submitted on 04 May 2024
238 points (84.8% liked)
linuxmemes
20880 readers
5 users here now
I use Arch btw
Sister communities:
- LemmyMemes: Memes
- LemmyShitpost: Anything and everything goes.
- RISA: Star Trek memes and shitposts
Community rules
- Follow the site-wide rules and code of conduct
- Be civil
- Post Linux-related content
- No recent reposts
Please report posts and comments that break these rules!
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Mainly the snap client doesnt let you configure a secondary source, and ubuntu's repo doesn't have a good track record of not providing malware.
https://baronhk.wordpress.com/2023/10/01/malware-in-the-ubuntu-snap-store-again/
https://www.bleepingcomputer.com/news/security/ubuntu-command-not-found-tool-can-be-abused-to-spread-malware/
https://www.linuxuprising.com/2018/05/malware-found-in-ubuntu-snap-store.html
So that's admittedly not a good look for canonical, but my read of that is that if you're getting widely-known software from a developer who's publishing it to snap themselves, and you're cautious about your usage, snap is fine.
For example, essentially my only use of snap is to install certbot. If I follow the directions from certbot.eff.org precisely, then I'll get certbot installed and no issues.
I certainly agree that (a) the system is ripe for abuse and (b) should be self-hostable to support Free software. Both of these could be fixed by canonical opening it up.