The controversy around snaps is growing :-(
Ralf Mardorf
kde.lists at yahoo.com
Mon May 4 15:56:44 UTC 2020
On Mon, 4 May 2020 17:35:12 +0200, Tom H wrote:
>But one of the reasons that Fedora dislikes Snap is that it uses
>apparmor rather than selinux.
This makes no sense, since appamor is the required infrastructure to
ensure snap's security. Since I build my kernels with
CONFIG_AUDIT is not set
I can't have appamor support either. I had some talk about this and
other pitfalls with Mark Shuttleworth and Oliver Grawert at the now
discontinued snapcraft-request at lists.ubuntu.com mailing list. That was
a long, long time ago, when Arch Linux didn't provide the appamor
infrastructur by default. Nowadays, with all the Spectre and Meltdown
mitigations Arch Linux doesn't care about the odd, long, slow path
anymore and does provide kernels with CONFIG_AUDIT set and appamor by
default, too. It's just me, who still builds without. Maybe it still
makes a difference when disabling mitigations. To be honest, I never
tested it.
More information about the ubuntu-users
mailing list