Canonical are currently dealing with a security incident with the Snap store, after users noticed multiple fake apps were uploaded so temporary limits have been put in place.

  • cmhe@lemmy.ml
    link
    fedilink
    arrow-up
    33
    arrow-down
    5
    ·
    1 year ago

    I dislike the snap store as well, but what you describe is how packaging works on Debian as well. Anyone can make, maintain a package. And there are people there that maintain even more packages.

    However, there is a difference when uploading it to the repos, you either have to be a Debian developer or find one to sponsor your package first. After a while of doing good work, you can also request becoming one yourself.

    This additional burden makes it more difficult for malicious people to go through.

    Personally I prefer this separation of software developer and package maintainer, because that makes it a bit more difficult for malicious devs to push packages directly or for them to not package them the optimal way for the distro.

    • wiki_me@lemmy.ml
      link
      fedilink
      English
      arrow-up
      11
      ·
      1 year ago

      I think that in practice it prevents them completely, i never heard of any type malware uploaded to debian or nix and flathub for that matter.