On 03/01/17 15:02, Ralf Mardorf wrote: > An important note by the Arch Wiki is > "Warning: snap-confine is built with the --disable-apparmor option; > full confinement relies on an AppArmor enabled kernel with Ubuntu's > Linux 4.4 patchset applied and a related profile for the snap." - > https://wiki.archlinux.org/index.php/Snapd#Installation > > I guess this is something upstream/vendors should know about snaps and > other distros, at least about Arch Linux.
My understanding is that Arch doesn't have a standard mac-based security framework enabled; if that's incorrect we'd be glad to work together to enable full security for confined snaps on Arch! Also, with the new 'classic' mode, there will be a range of utility snaps that are not sand-boxed on Ubuntu either, but are still very useful and no doubt just as useful to Arch users and developers as well. Mark -- Snapcraft mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/snapcraft
