What are the dangers of using snap's classic confinement?












1















While following a video tutorial on Linux bash scripting, the teacher uses atom for editor.



When I did I tried to install atom :



*sudo snap install atom*


I got the message:



error: This revision of snap "atom" was published using classic confinement and thus may perform
arbitrary system changes outside of the security sandbox that snaps are usually confined to,
which may put your system at risk.
If you understand and want to proceed repeat the command including --classic.



What would you do/suggest?






ubuntu snap atom







share|improve this question

























  • Thanks for clarifying my question, Sparhawk. :)

    – Philippe Moisan
    Jan 8 at 0:52
















1















While following a video tutorial on Linux bash scripting, the teacher uses atom for editor.



When I did I tried to install atom :



*sudo snap install atom*


I got the message:



error: This revision of snap "atom" was published using classic confinement and thus may perform
arbitrary system changes outside of the security sandbox that snaps are usually confined to,
which may put your system at risk.
If you understand and want to proceed repeat the command including --classic.



What would you do/suggest?






ubuntu snap atom







share|improve this question

























  • Thanks for clarifying my question, Sparhawk. :)

    – Philippe Moisan
    Jan 8 at 0:52














1












1








1








While following a video tutorial on Linux bash scripting, the teacher uses atom for editor.



When I did I tried to install atom :



*sudo snap install atom*


I got the message:



error: This revision of snap "atom" was published using classic confinement and thus may perform
arbitrary system changes outside of the security sandbox that snaps are usually confined to,
which may put your system at risk.
If you understand and want to proceed repeat the command including --classic.



What would you do/suggest?






ubuntu snap atom







share|improve this question
















While following a video tutorial on Linux bash scripting, the teacher uses atom for editor.



When I did I tried to install atom :



*sudo snap install atom*


I got the message:



error: This revision of snap "atom" was published using classic confinement and thus may perform
arbitrary system changes outside of the security sandbox that snaps are usually confined to,
which may put your system at risk.
If you understand and want to proceed repeat the command including --classic.



What would you do/suggest?






ubuntu snap atom




ubuntu snap atom






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Jan 8 at 0:33









Sparhawk

9,41263992




9,41263992










asked Jan 7 at 16:33









Philippe MoisanPhilippe Moisan

133




133













  • Thanks for clarifying my question, Sparhawk. :)

    – Philippe Moisan
    Jan 8 at 0:52



















  • Thanks for clarifying my question, Sparhawk. :)

    – Philippe Moisan
    Jan 8 at 0:52

















Thanks for clarifying my question, Sparhawk. :)

– Philippe Moisan
Jan 8 at 0:52





Thanks for clarifying my question, Sparhawk. :)

– Philippe Moisan
Jan 8 at 0:52










1 Answer
1






active

oldest

votes


















1














This is answered well in snapcraft's official documentation.



In the interest of time, here is the pertinent portion:





Classic confinement is effectively un-confining the applications inside a snap. Applications which use classic confinement have the
same full system access as traditionally packaged applications.
Classic confinement is intended as a stop-gap measure to enable
developers to publish applications which need more access than the
current set of interfaces enable. Over time, as more interfaces are
developed, snap publishers can migrate away from classic confinement
to strict.




Classically confined snaps must be reviewed by the snap store
reviewers team before they can be published in the stable channel.
Snaps which use classic confinement may be rejected if they don’t meet
the requirements.



Users should not attempt to override a strictly confined snap to make
it ‘classic’ as this undoes the confinement and interfaces defined by
the developer. In addition applications published as strict snaps may
misbehave when installed with the ‘–classic’ switch.




As for a recommendation, you'll need to weigh the risks in your own mind. Consider the publisher of the software, their reputation/recognition and the fact that classic confinement snaps are reviewed before being published. Classic confinement is not all that different than having done a traditional apt install in terms of the access it allows to the program.






share|improve this answer























    Your Answer








    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "106"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: false,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: null,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f493033%2fwhat-are-the-dangers-of-using-snaps-classic-confinement%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    1














    This is answered well in snapcraft's official documentation.



    In the interest of time, here is the pertinent portion:





    Classic confinement is effectively un-confining the applications inside a snap. Applications which use classic confinement have the
    same full system access as traditionally packaged applications.
    Classic confinement is intended as a stop-gap measure to enable
    developers to publish applications which need more access than the
    current set of interfaces enable. Over time, as more interfaces are
    developed, snap publishers can migrate away from classic confinement
    to strict.




    Classically confined snaps must be reviewed by the snap store
    reviewers team before they can be published in the stable channel.
    Snaps which use classic confinement may be rejected if they don’t meet
    the requirements.



    Users should not attempt to override a strictly confined snap to make
    it ‘classic’ as this undoes the confinement and interfaces defined by
    the developer. In addition applications published as strict snaps may
    misbehave when installed with the ‘–classic’ switch.




    As for a recommendation, you'll need to weigh the risks in your own mind. Consider the publisher of the software, their reputation/recognition and the fact that classic confinement snaps are reviewed before being published. Classic confinement is not all that different than having done a traditional apt install in terms of the access it allows to the program.






    share|improve this answer




























      1














      This is answered well in snapcraft's official documentation.



      In the interest of time, here is the pertinent portion:





      Classic confinement is effectively un-confining the applications inside a snap. Applications which use classic confinement have the
      same full system access as traditionally packaged applications.
      Classic confinement is intended as a stop-gap measure to enable
      developers to publish applications which need more access than the
      current set of interfaces enable. Over time, as more interfaces are
      developed, snap publishers can migrate away from classic confinement
      to strict.




      Classically confined snaps must be reviewed by the snap store
      reviewers team before they can be published in the stable channel.
      Snaps which use classic confinement may be rejected if they don’t meet
      the requirements.



      Users should not attempt to override a strictly confined snap to make
      it ‘classic’ as this undoes the confinement and interfaces defined by
      the developer. In addition applications published as strict snaps may
      misbehave when installed with the ‘–classic’ switch.




      As for a recommendation, you'll need to weigh the risks in your own mind. Consider the publisher of the software, their reputation/recognition and the fact that classic confinement snaps are reviewed before being published. Classic confinement is not all that different than having done a traditional apt install in terms of the access it allows to the program.






      share|improve this answer


























        1












        1








        1







        This is answered well in snapcraft's official documentation.



        In the interest of time, here is the pertinent portion:





        Classic confinement is effectively un-confining the applications inside a snap. Applications which use classic confinement have the
        same full system access as traditionally packaged applications.
        Classic confinement is intended as a stop-gap measure to enable
        developers to publish applications which need more access than the
        current set of interfaces enable. Over time, as more interfaces are
        developed, snap publishers can migrate away from classic confinement
        to strict.




        Classically confined snaps must be reviewed by the snap store
        reviewers team before they can be published in the stable channel.
        Snaps which use classic confinement may be rejected if they don’t meet
        the requirements.



        Users should not attempt to override a strictly confined snap to make
        it ‘classic’ as this undoes the confinement and interfaces defined by
        the developer. In addition applications published as strict snaps may
        misbehave when installed with the ‘–classic’ switch.




        As for a recommendation, you'll need to weigh the risks in your own mind. Consider the publisher of the software, their reputation/recognition and the fact that classic confinement snaps are reviewed before being published. Classic confinement is not all that different than having done a traditional apt install in terms of the access it allows to the program.






        share|improve this answer













        This is answered well in snapcraft's official documentation.



        In the interest of time, here is the pertinent portion:





        Classic confinement is effectively un-confining the applications inside a snap. Applications which use classic confinement have the
        same full system access as traditionally packaged applications.
        Classic confinement is intended as a stop-gap measure to enable
        developers to publish applications which need more access than the
        current set of interfaces enable. Over time, as more interfaces are
        developed, snap publishers can migrate away from classic confinement
        to strict.




        Classically confined snaps must be reviewed by the snap store
        reviewers team before they can be published in the stable channel.
        Snaps which use classic confinement may be rejected if they don’t meet
        the requirements.



        Users should not attempt to override a strictly confined snap to make
        it ‘classic’ as this undoes the confinement and interfaces defined by
        the developer. In addition applications published as strict snaps may
        misbehave when installed with the ‘–classic’ switch.




        As for a recommendation, you'll need to weigh the risks in your own mind. Consider the publisher of the software, their reputation/recognition and the fact that classic confinement snaps are reviewed before being published. Classic confinement is not all that different than having done a traditional apt install in terms of the access it allows to the program.







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered Jan 8 at 0:56









        Jeff H.Jeff H.

        32629




        32629






























            draft saved

            draft discarded




















































            Thanks for contributing an answer to Unix & Linux Stack Exchange!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f493033%2fwhat-are-the-dangers-of-using-snaps-classic-confinement%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            -

            Popular posts from this blog

            Morgemoulin

            Image
            Morgemoulin — miejscowość i gmina — Państwo   Francja Region Grand Est Departament Moza Okręg Verdun Kod INSEE 55357 Powierzchnia 6,82 km² Populacja  (1990) • liczba ludności 75 • gęstość 11 os./km² Kod pocztowy 55400 Położenie na mapie Francji Morgemoulin 49°14′N   5°35′E / 49,233333   5,583333 Portal Francja Morgemoulin – miejscowość i gmina we Francji, w regionie Grand Est, w departamencie Moza. Według danych na rok 1990 gminę zamieszkiwało 75 osób, a gęstość zaludnienia wynosiła 11 osób/km² (wśród 2335 gmin Lotaryngii Morgemoulin plasuje się na 970. miejscu pod względem liczby ludności, natomiast pod względem powierzchni na miejscu 848.). Bibliografia | Francuski urząd statystyczny ( fr. ) . p   •   d   •   e Gminy okręgu Verdun Abaucourt-Hautecourt • Aincreville • Ambly-sur-Meuse • Amel-sur-l'Étang • Ancemont • Arrancy-sur-Crusne • Aubréville • Autré...
            Read more

            Scott Moir

            Image
            Scott Moir Tessa Virtue i Scott Moir w 2016 r. Reprezentacja   Kanada Data i miejsce urodzenia 2 września 1987 London Wzrost 180 cm Konkurencja Pary taneczne Partner sportowy Tessa Virtue Trener Marie-France Dubreuil, Patrice Lauzon, Romain Haguenauer Poprzednio: Marina Zujewa, Oleg Epstein, Igor Szpilband, Johnny Johns, Carol Moir, Paul MacIntosh, Suzanne Killing Klub Montreal International School of Skating Poprzednio: Arctic Edge FSC Ilderton Skating Club Lokalizacja treningowa Montreal Poprzednio: Canton Kitchener Rekordy życiowe ISU przed sezonem 2018/2019 Nota łączna 206,07 Igrzyska Olimpijskie 2018 Taniec krótki 83,67 Igrzyska Olimpijskie 2018 Taniec dowolny 122,40 Igrzyska Olimpijskie 2018 Dorobek medalowy Reprezentacja   Kanada Igrzyska olimpijskie Złoto Vancouver 2010 pary taneczne Złoto Pjongczang 2018 pary taneczne Złoto Pjongczang 2018 drużynowo Srebro S...
            Read more

            Souastre

            Image
            Souastre — miejscowość i gmina — Herb Państwo   Francja Region Hauts-de-France Departament Pas-de-Calais Okręg Arras Kod INSEE 62800 Powierzchnia 7,18 km² Populacja  (1990) • liczba ludności 352 • gęstość 49 os./km² Kod pocztowy 62111 Położenie na mapie Francji Souastre 50°09′N   2°34′E / 50,150000   2,566667 Portal Francja Souastre – miejscowość i gmina we Francji, w regionie Hauts-de-France, w departamencie Pas-de-Calais. Według danych na rok 1990 gminę zamieszkiwały 352 osoby, a gęstość zaludnienia wynosiła 49 osób/km² (wśród 1549 gmin regionu Nord-Pas-de-Calais Souastre plasuje się na 887. miejscu pod względem liczby ludności, natomiast pod względem powierzchni na miejscu 507.). Bibliografia | Francuski urząd statystyczny ( fr. ) . p   •   d   •   e Gminy okręgu Arras Ablain-Saint-Nazaire Ablainzevelle Acheville Achicourt Achiet-le-Grand Achiet-le-Pe...
            Read more