• woelkchen@lemmy.world
    link
    fedilink
    arrow-up
    2
    arrow-down
    3
    ·
    9 months ago

    You’re literally replying under a submission that’s about unreviewed malware that got accepted in their repo.

    • Dandroid
      link
      fedilink
      arrow-up
      4
      ·
      9 months ago

      Those are snaps. I don’t use those on my server. AFAIK, they’re mostly used for GUI applications. I don’t even have a GUI on my server. I wouldn’t even know how to install or run a snap from command line.

      Most things that run in my server are containerized services that I wrote personally. So as long as there isn’t a vulnerability in podman or my reverse proxy, and as long as keep my base containers up to date (they pull the latest base image each time the image is built), I’m mostly fine.

      • lengau@midwest.social
        link
        fedilink
        arrow-up
        2
        ·
        9 months ago

        I want to make something clear before I start: the person to whom you are replying is being quite toxic in this thread and I’m sorry you had to interact with them. (They’re also saying a bunch of incorrect stuff.)

        That said - I personally have more non-GUI snaps installed than GUI ones. Including in my homelab, where having the latest htop is very convenient and where I’ve got several actual server apps installed as snaps (postgres and plex being the first two that come to mind).

        • Dandroid
          link
          fedilink
          arrow-up
          1
          ·
          9 months ago

          That’s good to know, and I had a feeling I was wrong about that.

      • woelkchen@lemmy.world
        link
        fedilink
        arrow-up
        2
        arrow-down
        3
        ·
        9 months ago

        Those are snaps. I don’t use those on my server.

        Just because you don’t use them doesn’t invalidate the earlier statement.

        • Dandroid
          link
          fedilink
          arrow-up
          2
          ·
          9 months ago

          And that’s totally fine, but it doesn’t invalidate my claim that I don’t really care, because it doesn’t affect me. 🤷

      • woelkchen@lemmy.world
        link
        fedilink
        arrow-up
        3
        arrow-down
        1
        ·
        edit-2
        9 months ago

        It got accepted into ALL distros.

        WTF are you talking about? The submission is about malware in Ubuntu’s Snap repository.

        Lets see, it seems very likely that there is a lot more in xz

        You clearly didn’t read the article.