https://bugs.kde.org/show_bug.cgi?id=411400
Bug ID: 411400 Summary: KDE snaps come with some unnecessary connections Product: neon Version: unspecified Platform: Other OS: Linux Status: REPORTED Severity: normal Priority: NOR Component: Snaps Assignee: neon-b...@kde.org Reporter: koolkrish007+...@gmail.com CC: neon-b...@kde.org Target Milestone: --- SUMMARY Snaps use a lot of unnecessary plugs that exposes far more risk than necessary. Especially for internet facing snaps. STEPS TO REPRODUCE 1. sudo snap install <kdesnap> 2. sudo snap connections <kdesnap> OBSERVED RESULT A lot of rather unexpected connections, in particular things like access to home, network and network-bind. Some apps like games (kmines, kpat, andand the like simply do not need access to the full home directory and can suffice simply without the home plugin with the folder located in /home/<user>/snap/.... EXPECTED RESULT Some of these certainly don't need access to the network or network bind either. The point of snaps is to confine the app to the bare permissions needed. Another example is konversation, if an exploit is found over the network. I would prefer if the snap didn't give full access to my home directory. SOFTWARE/OS VERSIONS Linux/KDE Plasma: N/A (available in About System) KDE Plasma Version: N/A KDE Frameworks Version: N/A Qt Version: N/A ADDITIONAL INFORMATION -- You are receiving this mail because: You are watching all bug changes.