this post was submitted on 04 May 2024
235 points (84.5% liked)
linuxmemes
21378 readers
1299 users here now
Hint: :q!
Sister communities:
Community rules (click to expand)
1. Follow the site-wide rules
- Instance-wide TOS: https://legal.lemmy.world/tos/
- Lemmy code of conduct: https://join-lemmy.org/docs/code_of_conduct.html
2. Be civil
- Understand the difference between a joke and an insult.
- Do not harrass or attack members of the community for any reason.
- Leave remarks of "peasantry" to the PCMR community. If you dislike an OS/service/application, attack the thing you dislike, not the individuals who use it. Some people may not have a choice.
- Bigotry will not be tolerated.
- These rules are somewhat loosened when the subject is a public figure. Still, do not attack their person or incite harrassment.
3. Post Linux-related content
- Including Unix and BSD.
- Non-Linux content is acceptable as long as it makes a reference to Linux. For example, the poorly made mockery of
sudo
in Windows. - No porn. Even if you watch it on a Linux machine.
4. No recent reposts
- Everybody uses Arch btw, can't quit Vim, and wants to interject for a moment. You can stop now.
Please report posts and comments that break these rules!
Important: never execute code or follow advice that you don't understand or can't verify, especially here. The word of the day is credibility. This is a meme community -- even the most helpful comments might just be shitposts that can damage your system. Be aware, be smart, don't fork-bomb your computer.
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Former Unix security chief.
Do not use snaps. Risky as hell.
Why? I've heard this for years at this point, but as someone who rarely uses snaps because they're the only convenient option for software I'm using, I'm generally ambivalent about them.
People seem to hold really strong opinions about snap but I've never been able to get a straight answer, just a bunch of hand waving.
Mainly the snap client doesnt let you configure a secondary source, and ubuntu's repo doesn't have a good track record of not providing malware.
https://baronhk.wordpress.com/2023/10/01/malware-in-the-ubuntu-snap-store-again/
https://www.bleepingcomputer.com/news/security/ubuntu-command-not-found-tool-can-be-abused-to-spread-malware/
https://www.linuxuprising.com/2018/05/malware-found-in-ubuntu-snap-store.html
So that's admittedly not a good look for canonical, but my read of that is that if you're getting widely-known software from a developer who's publishing it to snap themselves, and you're cautious about your usage, snap is fine.
For example, essentially my only use of snap is to install certbot. If I follow the directions from certbot.eff.org precisely, then I'll get certbot installed and no issues.
I certainly agree that (a) the system is ripe for abuse and (b) should be self-hostable to support Free software. Both of these could be fixed by canonical opening it up.