Remove unconfined snaps from Ubuntu Mate 22.04 (Welcome and Software Boutique)

Hi,

Ubuntu Mate LTS is my favorite Linux distro, but it has a big security hole that I hope developers fix for 22.04. It installs by default 2 unconfined snaps (Software Boutique and Welcome). Software Boutique can be replaced by the regular Software app from GNOME, and Welcome is irrelevant. If the account of the snap maintainer is hacked, it could upload malware to everyone with the permissions of the user account.

I think @FrenchguyCH would be very offended by the idea that either application is "irrelevant". Maybe it's irrelevant to you, and it's fine for you to feel that way; but I hear that both programs help new users get around on Ubuntu MATE systems. I do not think removing them is a good idea.

Further, I'm not sure if you totally understand what you're doing by suggesting replacing the Software Boutique with GNOME Software. If a Snap is unconfined, it can't do any more damage than an application which is installed "normally", like GNOME Software. GNOME Software runs unconfined, too; it's just that Canonical has pushed Snaps as necessarily being "more secure" than other package formats, even though Snaps don't have to be, but that doesn't mean that Snaps are less secure than other package formats. Switching from an unprotected Snap to a normal system package is about as security-conscious as deciding that driving on the road is dangerous, so you decide to ride around in someone else's car instead.

Also keep in mind that, if you actually want to install software, both applications need to launch programs which are elevated to unusually high privilege levels -- in other words, root access -- in order to install software. In that sense, neither application is more secure. The only real security feature I can see GNOME Software has and the Software Boutique doesn't is that the former has to enter the Ubuntu repositories, which is a somewhat tedious task that might get looked over by several other people first -- or it might not. Quite frankly, considering the quality of some packages, I wonder if some Ubuntu repository reviewers sometimes give their rubber stamp of approval without even understanding the proposed changes. And if the Snap maintainer's credentials could be stolen, I know for a fact that an APT maintainer's credentials could be stolen just about as easily.

So, unless you have more specific concerns than those which I already addressed (which I'd like to hear if you do), I find it unlikely that there is a real security hole here. It just looks to me like a bad case of Canonical's advertising campaign gone bad (again).

4 Likes

You already created a post about this a few months ago.

Welcome is not irrelevant at all to new users.
GNOME Software is not a list of software picked by the Ubuntu MATE team.
Both apps usually are seen as pros in Ubuntu MATE reviews.

This is not Windows. You can remove the packages you're not ok with. Unless you make your own distro, there will always be packages you don't like/need and tweaks to be done.

You can replace those two snaps as well with a PPA published by the same person. But since his Launchpad account might get hacked, I won't bother posting the link to it.

1 Like

Hi! Thank you for your answer. I didn't want to sound rude (English is not my first language); when I say "irrelevant" I mean that the functionality they provide doesn't justify the price users pay from a security point of view. I have nothing against the Software Boutique or Welcome applications; I'm against any unconfined snap, no matter what application it is. Now let me clarify this:

GNOME Software (which could replace the Software Boutique snap) comes from GNOME developers first, it passes through the Debian repositories and then it's reviewed again by the Canonical team. After all those reviews, the package is automatically built and it becomes "frozen". The package is secure, even if it runs as sudo to install applications.

Now let's see how snaps work (I develop snaps myself so I know what I'm talking about). There is no review of any kind; any snap maintainer can compile whatever they want and upload it to the snap store. Then the binary will be automatically distributed to everyone in maybe 24 hours (I think snaps are auto-updated every 24 hours, not sure). So if the snap maintainer account is hacked it could cause a lot of damage.

Again, Software Boutique and Welcome are OK as applications, but please make them a regular package that passes the same review process as all critical parts of the system. Until then, they can be replaced by GNOME Software.

Snaps are fine but ONLY for confined apps.

Regards :slight_smile:

I forgot the other post, sorry :slight_smile:

Please read the answer to Gordon. I'm also strongly against PPAs installed by default.

Regards

Any update on this? GNOME Software is working great on MATE, so no need to use unconfined snaps.

Regards
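
The thread turns on which installed snaps run without strict confinement. As an added example (not posted by anyone in the thread), the shell function below reads `snap list` output and reports every snap whose Notes column carries `classic` or `devmode`. Treating those two flags as the thread's "unconfined" is an assumption, and the sample listing (snap names, versions, revisions, publishers) is constructed.

```shell
#!/bin/sh
# Added example: flag installed snaps that are not strictly confined.
# Input : `snap list` output on stdin (columns: Name Version Rev Tracking Publisher Notes)
# Output: one "name<TAB>notes" line per snap with a classic or devmode flag.
unconfined_snaps() {
    awk '
        NR == 1 { next }                  # skip the header row
        NF < 6  { next }                  # ignore short or malformed lines
        {
            notes = $NF                   # Notes is the last column
            n = split(notes, flags, ",")  # Notes can hold several flags, e.g. "disabled,classic"
            for (i = 1; i <= n; i++) {
                if (flags[i] == "classic" || flags[i] == "devmode") {
                    printf "%s\t%s\n", $1, notes
                    break
                }
            }
        }'
}

# Constructed sample of `snap list` output (all values are illustrative).
sample_snap_list() {
cat <<'EOF'
Name                 Version    Rev   Tracking       Publisher     Notes
core20               20220318   1405  latest/stable  canonical**   base
firefox              99.0.1-1   1232  latest/stable  mozilla**     -
software-boutique    0.0-demo   57    latest/stable  example-pub   classic
ubuntu-mate-welcome  0.0-demo   688   latest/stable  example-pub   classic
example-dev-tool     0.1        3     latest/edge    example-dev   disabled,devmode
EOF
}

# Demo on the constructed sample; on a real system use: snap list | unconfined_snaps
sample_snap_list | unconfined_snaps
```

A flagged snap can then be removed with `snap remove <name>` or replaced by a package from the distribution archive, as discussed in the thread.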