Snaps & flatpacks
Liam Proven
lproven at gmail.com
Mon Sep 7 13:21:33 UTC 2020
On Mon, 7 Sep 2020 at 15:07, Oliver Grawert <ogra at ubuntu.com> wrote:
>
> well, until the correct airhole has been poked to allow chromium to
> access the extension API in a secure way ... snaps have interfaces to
> interact with the rest of the system.
>
> the list of possible/available interfaces grows every week and
> eventually a "gnome-extensions-control" interface will be added that
> allows such access. it is a matter of the manpower of the snapd team or
> of a community person to submit a PR that adds this interface (given
> that by design gnome extensions monkey-patch the gnome shell javascript
> code at runtime, this is a rather non-trival effort though)...
>
> the point of snaps is not to limit system access of apps to annoy the
> user, but to give the user full secure control over what an app can
> access. as long as such contol can not be provided securely, the
> feature will be locked down indeed ...
Certainly, yes.
As I said, I would not call them "worse" as the OP did. These
containerised formats are _more_ secure but some things may not work
as expected, and that will need individual attention. The poster in
here recently who installed Chromium but could not add GNOME
extensions being an example.
One of the distros I occasionally play with is GoboLinux, which has
simple filesystem-based app isolation -- less secure but when it was
invented, some 16-17 years ago, containers had not really been
implemented on Linux yet. I suspect it might be possible to construct
a Gobo-like distro where _all_ the apps were in containers of some
form, with a very much simpler and easier-to-understand filesystem and
package manager.
Meantime, distros like Endless OS, Fedora Silverblue and openSUSE
MicroOS are trying to do something comparable on the desktop. It is
probably a good idea over all, but these are early days.
--
Liam Proven – Profile: https://about.me/liamproven
Email: lproven at cix.co.uk – gMail/gTalk/gHangouts: lproven at gmail.com
Twitter/Facebook/LinkedIn/Flickr: lproven – Skype: liamproven
UK: +44 7939-087884 – ČR (+ WhatsApp/Telegram/Signal): +420 702 829 053
More information about the ubuntu-users
mailing list