Snap and modern software (was: Remove /snap directory)

Jeffrey Walton noloader at gmail.com
Thu Dec 15 21:30:04 UTC 2022


On Thu, Dec 15, 2022 at 3:36 PM Ralf Mardorf via ubuntu-users
<ubuntu-users at lists.ubuntu.com> wrote:
> [...]
>
> There are security measures such as using signed checksums or as using
> read only containers for an executable. It makes a difference, if we
> care for security used by the apt package management, by snaps or by
> something else.
>
> There's no guarantee, but some security measures are reasonable, while
> security through obscurity is snake oil.

I'm not sure I follow.

As an example, I help maintain Wei Dai's Crypto++
(https://cryptopp.com/). We work closely with László Böszörményi, who
is Debian's package maintainer for Crypto++ at Debian. László
downloads published sources from the website, verifies the signature
on the tarball, builds the library per our specifications, and then
runs the self tests to ensure there are no obvious problems. Once
packaged, Ubuntu inherits the package from Debian. Since Debian and
Ubuntu provide a secure distribution channel, users can be fairly
confident they are getting an authentic version of the library.

In contrast, Snaps don't seem to have the same level of assurance.
Here are some inadvertent and malicious actions that could be taken:
(a) download the sources from the wrong site; (b) use tainted sources
from an untrusted source; (c) modify the authentic sources before
building the library; (d) build the library with improper flags; (e)
switch to a downlevel version of the library; (f) change the version
numbers; (g) never update the sources. And then someone can publish
the resulting Crypto++ snap.

Jeff



More information about the ubuntu-users mailing list