Snap Store / snaps / snapd / snapcraft.io - a new software source?

This is interesting because it contains some popular applications not available from any Debian package repository. For example:

Are application software signatures (GPG) verified end-to-end? I.e., signed by the developer and verified on the local computer? Or is it only as safe as HTTPS?

Is it required to trust the source (snapcraft.io), which is run by Canonical (they also host Ubuntu and have some issues)?

It doesn’t use GPG verification but it does use AppArmor and sandboxing.


Yes. It’s needed to trust Canonical.

Something similar to Snap that may be worth looking into is Flatpak. It uses GPG verification and sandboxing.

Snaps are a Canonical attempt to create application lock-in. Flatpak is the superior alternative and allows decentralization and verification.

