Snaps have a permissions system backed by AppArmor and Seccomp that confines the snap to a sandbox with limited privileges based on a security profile.
You can read about it here:
- https://core.docs.ubuntu.com/en/guides/intro/security#headin...
- https://snapcraft.io/docs/interface-management
Flatpak does have a sandbox but in practice, many flatpaks do not use it securely. You can read about it here: https://flatkill.org/
AppImage does not seem that security is one of its goals.
So, for the time being I'll keep using snaps. They're a great idea :)
So, tl;dr: Snaps are not only about packaging. They confine software to a sandbox with limited privileges.
Snaps have a permissions system backed by AppArmor and Seccomp that confines the snap to a sandbox with limited privileges based on a security profile.
You can read about it here:
- https://core.docs.ubuntu.com/en/guides/intro/security#headin...
- https://snapcraft.io/docs/interface-management
Flatpak does have a sandbox but in practice, many flatpaks do not use it securely. You can read about it here: https://flatkill.org/
AppImage does not seem that security is one of its goals.
So, for the time being I'll keep using snaps. They're a great idea :)
So, tl;dr: Snaps are not only about packaging. They confine software to a sandbox with limited privileges.