221

Canonical's Snap Store Hit By Malicious Apps (www.phoronix.com)

submitted 1 year ago by mr_MADAFAKA@lemmy.ml to c/linux@lemmy.ml

43 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[-] ptz@dubvee.org 73 points 1 year ago* (last edited 1 year ago)

Good thing I can just install applications from apt instead...

user@pc:~$: sudo apt install app
The following additional packages will be installed:
    snapd

....oh.

[-] Lemmchen@feddit.de 11 points 1 year ago* (last edited 1 year ago)

The reason why I'll switch to Debian soon.

[-] lord_ryvan@ttrpg.network 3 points 1 year ago

IMO Linux Mint is a great replacement, too, although it does not come with the default-Gnome desktop layout

[-] pbjamm@beehaw.org 2 points 1 year ago

I always find myself going back to Mint.

[-] lord_ryvan@ttrpg.network 2 points 1 year ago* (last edited 1 year ago)

Same, I feel at home in the Cinnamon DE and no matter how tech savvy I am, the GUI software installer is so much more convenient than using the terminal

[-] manpacket@lemmyrs.org 10 points 1 year ago

Yea, not with firefox, at least not without switching to some third party repo.

[-] MasterBlaster@lemmy.world 10 points 1 year ago

I use the ppa because the snap version does not let me use the keypass XC Plug-In or my VPN plug in.

[-] SaltySalamander@kbin.social 3 points 1 year ago

You're awful brave...

https://www.techtarget.com/searchsecurity/news/366537793/KeePass-vulnerability-enables-master-password-theft

[-] cmnybo@discuss.tchncs.de 25 points 1 year ago

KeePass 2 and KeePassXC are two different programs. KeePassXC is not affected by that issue.

[-] AbidanYre@lemmy.world 1 points 1 year ago

obtain a plaintext master password from a user workspace, even if the workspace is locked.

You had one job keepass.

[-] eah@kbin.social 2 points 1 year ago* (last edited 1 year ago)

I have the issue that the snap version can't browse files whose path includes a hidden dot file/directory in my home directory. It doesn't seem there's any clean way for me say "no, I give you explicit permission to read these files." My workaround was to sudo mount --bind ~/.foo ~/bar and then browse from ~/bar instead. I'm not sure what they think they were preventing me from doing but they failed.

[-] Draconic_NEO@lemmy.dbzer0.com 6 points 1 year ago

Canonical's changes to apt could be considered malicious in and of themselves because it installs from a source you didn't request for, sure seems malicious to me.

[-] ptz@dubvee.org 5 points 1 year ago

Agreed. Switching out .deb packages in the package manager for snap stubs was a bridge too far, and I went back to Debian.

this post was submitted on 30 Sep 2023

221 points (100.0% liked)

Linux

48705 readers

1283 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
No misinformation
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago

MODERATORS

AgreeableLandscape@lemmy.ml

nooter692@lemmy.ml

MarcellusDrum@lemmy.ml

cypherpunks@lemmy.ml

cyclohexane@lemmy.ml

d3Xt3r@lemmy.nz