Snapcraft, Snappy
Oliver Grawert
ogra at ubuntu.com
Sun Jul 10 16:04:00 UTC 2016
hi,
Am Sonntag, den 10.07.2016, 17:11 +0200 schrieb Ralf Mardorf:
> Hi,
>
> there's an interesting counter-argument against something similar to
> snapcraft/snappy.
>
> https://lists.archlinux.org/pipermail/arch-general/2016-July/041579.h
> tml
well, this is about flatpack not snappy ... comparing apples with peas
... ;)
snappy uses completely different confinement mechanisms (apparmor,
seccomp, packages being 100% readonly, the exec env being readonly
etc), and while it is true that shipped dependencies of an app can
actually be compromised, the confinement will save you from ill effects
on your system through that.
yes, one app *can* have a compromised libssl in the snap, but that
security breach will exactly only apply to that one app, there is no
way for it to affect the system or any other apps (unless the user told
it to by enabling any cross snap interfaces)
if your kernel would be broken enough to actually circumvent the used
security mechanisms above, i guess issues in snap packages would be the
least of your problems :)
ciao
oli
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: This is a digitally signed message part
URL: <https://lists.ubuntu.com/archives/ubuntu-devel-discuss/attachments/20160710/951f04f6/attachment.sig>
More information about the Ubuntu-devel-discuss
mailing list