"On September 28, 2023, the Snap Store team was notified of a potential security incident. ..."
https://forum.snapcraft.io/t/temporary- ... dent/37077
Snap security incident
Forum rules
Do not post support questions here. Before you post read the forum rules. Topics in this forum are automatically closed 6 months after creation.
Do not post support questions here. Before you post read the forum rules. Topics in this forum are automatically closed 6 months after creation.
- JoeFootball
- Level 13
- Posts: 4673
- Joined: Tue Nov 24, 2009 1:52 pm
- Location: /home/usa/mn/minneapolis/joe
Snap security incident
Last edited by LockBot on Mon Apr 01, 2024 10:00 pm, edited 1 time in total.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
- BenTrabetere
- Level 7
- Posts: 1890
- Joined: Sat Jul 19, 2014 12:04 am
- Location: Hattiesburg, MS USA
Re: Snap security incident
I do not use any Snaps, but this action from the Snap Store team makes me less concerned about using them. A lot of people find a lot of fault with Canonical and its proprietary Snap Store, but I think this incident demonstrates it does have some benefits. I am not sure FlatHub could have acted this swiftly or effectively if it discovered it hosted malicious flatpaks.
Patreon sponsor since August 2022
Re: Snap security incident
Temporary suspension of automatic snap registration after malware fooled some algorithm means malware should wait a little until suspension ends. And measures are applied only against new snaps, but more effective way for embedding malware is to register some normal snap / flatpak and insert malware in it later. It is up to developer to set interfaces which snap uses and nothing prevents developer to ignore norms and access files or system resources except recommendations.BenTrabetere wrote: ⤴Mon Oct 02, 2023 12:35 am this action from the Snap Store team makes me less concerned about using them.
-=t42=-
Re: Snap security incident
Not reassured.
It takes considerable knowledge, just to realize the extent of my own ignorance. -- Thomas Sowell
Re: Snap security incident
Brodie Robertson now has a video out on this: https://youtu.be/1zl_Y8vSteo?feature=shared
Re: Snap security incident
I have about 5 snaps installed on a desktop. Can I please ask your thoughts on this?
Thanks
Thanks
Linux Mint 21.2 Victoria
Always =updatedb=
GNU/LINUX
Always =updatedb=
GNU/LINUX