this post was submitted on 20 Mar 2024
302 points (98.4% liked)

linuxmemes

20707 readers
1415 users here now

I use Arch btw

Sister communities:

Community rules

  1. Follow the site-wide rules and code of conduct
  2. Be civil
  3. Post Linux-related content
  4. No recent reposts

Please report posts and comments that break these rules!

founded 1 year ago
MODERATORS
poopsmith@lemmy.world
zephyr@lemmy.world
302
Don't worry guys it's sandboxed (fedia.io)
submitted 6 months ago* (last edited 6 months ago) by sirico@feddit.uk to c/linuxmemes@lemmy.world
25 comments fedilink hide all child comments
 

Article for anyone intrested

you are viewing a single comment's thread
view the rest of the comments
[–] trevor@lemmy.blahaj.zone 54 points 6 months ago (1 children)

Sandboxing does nothing for social-engineering attacks, which is what many of the malicious snaps were designed for.

And the thing that makes the Snap Store uniquely bad is that there's no human review. Anyone can throw up a malicious snap, and there are very good odds that it'll get served there. Even the Flathub, a community-run project, has human reviews before new apps get published. Canonical, despite having money and resources that community projects don't, can't seem to be bothered to take basic steps to protect their users.

[–] kautau@lemmy.world 23 points 6 months ago* (last edited 6 months ago)

Yeah, what’s important to note is snap just requires a web based submission process.

https://snapcraft.io/docs/using-the-snap-store

Flathub requires a PR in GitHub, visible to the community. Spammers know they will get caught opening PRs

https://docs.flathub.org/docs/for-app-authors/submission/