So that’s admittedly not a good look for canonical, but my read of that is that if you’re getting widely-known software from a developer who’s publishing it to snap themselves, and you’re cautious about your usage, snap is fine.
For example, essentially my only use of snap is to install certbot. If I follow the directions from certbot.eff.org precisely, then I’ll get certbot installed and no issues.
I certainly agree that (a) the system is ripe for abuse and (b) should be self-hostable to support Free software. Both of these could be fixed by canonical opening it up.
Mainly the snap client doesnt let you configure a secondary source, and ubuntu’s repo doesn’t have a good track record of not providing malware.
https://baronhk.wordpress.com/2023/10/01/malware-in-the-ubuntu-snap-store-again/
https://www.bleepingcomputer.com/news/security/ubuntu-command-not-found-tool-can-be-abused-to-spread-malware/
https://www.linuxuprising.com/2018/05/malware-found-in-ubuntu-snap-store.html
So that’s admittedly not a good look for canonical, but my read of that is that if you’re getting widely-known software from a developer who’s publishing it to snap themselves, and you’re cautious about your usage, snap is fine.
For example, essentially my only use of snap is to install certbot. If I follow the directions from certbot.eff.org precisely, then I’ll get certbot installed and no issues.
I certainly agree that (a) the system is ripe for abuse and (b) should be self-hostable to support Free software. Both of these could be fixed by canonical opening it up.