The controversy around snaps is growing :-(
Ralf Mardorf
kde.lists at yahoo.com
Mon May 4 16:17:05 UTC 2020
On Mon, 4 May 2020 17:56:44 +0200, Ralf Mardorf wrote:
>On Mon, 4 May 2020 17:35:12 +0200, Tom H wrote:
>>But one of the reasons that Fedora dislikes Snap is that it uses
>>apparmor rather than selinux.
>
>This makes no sense, since appamor is the required infrastructure to
>ensure snap's security. Since I build my kernels with
>
> CONFIG_AUDIT is not set
>
>I can't have appamor support either. I had some talk about this and
>other pitfalls with Mark Shuttleworth and Oliver Grawert at the now
>discontinued snapcraft-request at lists.ubuntu.com mailing list. That was
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Oops,
snapcraft at lists.ubuntu.com
AFWIW
"***********************************************************************************************
>>> MOVED: This list is being migrated to the forum at
>>> https://forum.snapcraft.io. Please subscribe there instead.
***********************************************************************************************"
- https://lists.ubuntu.com/mailman/listinfo/snapcraft
>a long, long time ago, when Arch Linux didn't provide the appamor
>infrastructur by default. Nowadays, with all the Spectre and Meltdown
>mitigations Arch Linux doesn't care about the odd, long, slow path
>anymore and does provide kernels with CONFIG_AUDIT set and appamor by
>default, too. It's just me, who still builds without. Maybe it still
>makes a difference when disabling mitigations. To be honest, I never
>tested it.
More information about the ubuntu-users
mailing list