Remove unconfined snaps from Ubuntu Mate 22.04 (Welcome and Software Boutique)

Hi,

Ubuntu Mate LTS is my favorite Linux distro, but it has a big security hole that I hope the developers fix for 22.04. It installs 2 unconfined snaps by default (Software Boutique and Welcome). Software Boutique can be replaced by the regular Software app from Gnome, and Welcome is irrelevant. If the account of the snap maintainer is hacked, it could upload malware to everyone with the permissions of the user account.

I think @FrenchguyCH would be very offended by the idea that either application is "irrelevant". Maybe it's irrelevant to you, and it's fine for you to feel that way; but I hear that both programs help new users get around on Ubuntu MATE systems. I do not think removing them is a good idea.

Further, I'm not sure if you totally understand what you're doing by suggesting replacing the Software Boutique with GNOME Software. If a Snap is unconfined, it can't do any more damage than an application which is installed "normally", like GNOME Software. GNOME Software runs unconfined, too; it's just that Canonical has pushed Snaps as necessarily being "more secure" than other package formats, even though Snaps don't have to be, but that doesn't mean that Snaps are less secure than other package formats. Switching from an unprotected Snap to a normal system package is about as security-conscious as deciding that driving on the road is dangerous, so you decide to ride around in someone else's car instead.

Also keep in mind that, if you actually want to install software, both applications need to launch programs which are elevated to unusually high privilege levels -- in other words, root access -- in order to install software. In that sense, neither application is more secure. The only real security feature I can see GNOME Software has and the Software Boutique doesn't is that the former has to enter the Ubuntu repositories, which is a somewhat tedious task that might get looked over by several other people first -- or it might not. Quite frankly, considering the quality of some packages, I wonder if some Ubuntu repository reviewers sometimes give their rubber stamp of approval without even understanding the proposed changes. And if the Snap maintainer's credentials could be stolen, I know for a fact that an APT maintainer's credentials could be stolen just about as easily.

So, unless you have more specific concerns than those which I already addressed (which I'd like to hear if you do), I find it unlikely that there is a real security hole here. It just looks to me like a bad case of Canonical's advertising campaign gone bad (again).

5 Likes

You already created a post about this a few months ago.

Welcome is not irrelevant at all to new users.
Gnome software is not a list of software picked by the Ubuntu MATE team.
Both apps usually are seen as pros in Ubuntu MATE reviews.

This is not Windows. You can remove the packages you're not ok with. Unless you make your own distro, there will always be packages you don't like/need and tweaks to be done.

You can replace those two snaps as well with a PPA published by the same person. But since his Launchpad account might get hacked, I won't bother posting the link to it.

2 Likes

Hi! Thank you for your answer. I didn't want to sound rude (English is not my first language); when I say "irrelevant" I mean that the functionality they provide doesn't justify the price users pay from a security point of view. I have nothing against the Software Boutique or Welcome applications; I'm against any unconfined snap, no matter what application it is. Now let me clarify this:

Gnome software (which could replace the Software Boutique snap) comes from the Gnome developers first, it passes through the Debian repositories and then it's reviewed again by the Canonical team. After all those reviews, the package is automatically built and it becomes "frozen". The package is secure, even if it runs as sudo to install applications.

Now let's see how snaps work (I develop snaps myself so I know what I'm talking about). There is no review of any kind; any snap maintainer can compile whatever they want and upload it to the snap store. Then the binary will be automatically distributed to everyone in maybe 24 hours (I think snaps are auto-updated every 24 hours, not sure). So if the snap maintainer account is hacked it could cause a lot of damage.

Again, Software Boutique and Welcome are ok as applications, but please make them a regular package that passes the same review process as all critical parts of the system. Until then, they can be replaced by Gnome Software.

Snaps are fine but ONLY for confined apps.

Regards :slight_smile:

I forgot the other post, sorry :slight_smile:

Please read the answer to Gordon. I'm also strongly against PPAs installed by default.

Regards

Any update on this? GNOME Software is working great on MATE, so no need to use unconfined snaps.

Regards

Again, as stated prior by other people, I don't think you grasp what the Software Boutique is about.

It's not 'just another' software outlet, it's specifically curated for Ubuntu Mate - and especially for those that have their non-linux understanding family use it without requiring the 'linux tech' member of the family to intervene or worry. It also came out when GNOME Software was a burning pile of rubbish (way back in 2016).

Again - why it's built on SNAP is due to the fact that the code can be added (thus programs added or removed) without having to do 3-4 code changes (depending on where in the cycle, you would need to hit the upcoming release, the current interim release, and the last 2 LTS releases as well). Or you can just build it as a single SNAP that runs on all of them. Why should the developers (who are doing this for free) spend more time than is necessary?

My opinion on the matter is the boutique should stay, and I understand why it is a snap (which I don't have any personal issue with). If you are worried about security, then simply sudo snap remove software-boutique and your problem is solved, instead of removing the software access that most of us enjoy using, knowing that everything in there will work with our version of Ubuntu Mate.

2 Likes

I understand the utility of the Software Boutique; the problem is that it's implemented as an unconfined snap, which adds unnecessary security risks for the users. The "Welcome" snap even launches on login. It's not my intention to create extra work for the devs; my point is that every application that a newbie needs is already on Gnome Software (office, media players, etc) and afaik apps don't need specific fixes for Mate. I've been using Gnome Software on Mate for years and never had a problem. Note that newbies can't choose like me; if they have an unconfined snap by default they will use it, and they don't understand the risks.

Probably some people don't like to see the "Gnome" text in the app, but devs could fork it and change only the header and about text, which would be much less work than developing the Software Boutique.

Another option is to develop the Software Boutique as a regular repo app, but I guess this would be extra work for them.

Regards,

Canonical has made Snap packages a priority and therefore Snaps will be more common in the future with Ubuntu distributions. Flatpaks too are gaining popularity and I use a few of them myself. You can remove the Snaps as indicated by others or you can use Linux Mint with Mate, which has no Snaps at all. In addition, Solus has a great version of Mate and they are a rolling release with no Snaps installed. Alternatively, Manjaro has a Mate version and so does Fedora - all with no Snaps installed, but you can use them if you want to. Any way you look at it - Snaps and/or Flatpaks are part of the Linux ecosystem for the foreseeable future. Good luck!

Thank you for the feedback. Yep, I use snaps and flatpaks and they are great, but I think they should always be confined. An unconfined snap is dangerous, and if it runs with root permissions like the Software Boutique then it is even more dangerous. If you run "snap list" you will see that the snap account is not a Canonical account and it doesn't have the green V of verified accounts. It looks like this is a personal account managed by the dev. I see an attack vector there. I hope devs think about it; Ubuntu Mate is my favorite distro.

Regards,

2 Likes
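
The `snap list` check mentioned in the last post can be automated. The script below is an added example, not part of any post in this thread: it reads `snap list` output and reports snaps whose Notes column shows `classic` or `devmode` confinement, or whose publisher lacks the verified mark (`✓`, or `**` when the terminal falls back to ASCII). Every snap name except `software-boutique`, and all versions and publisher names in the embedded sample, are constructed.

```shell
#!/bin/sh
# Added example: audit `snap list` output for snaps that are not strictly
# confined or whose publisher is not marked as verified.

# Constructed sample of `snap list` output (names and versions are made up).
sample_snap_list() {
    cat <<'EOF'
Name               Version   Rev   Tracking       Publisher         Notes
core20             20220101  1000  latest/stable  canonical✓        base
example-browser    99.0      1200  latest/stable  example-vendor**  -
software-boutique  0-sample  57    latest/stable  example-dev       classic
example-tool       1.0       3     latest/edge    example-dev       devmode
example-notes      2.1       10    latest/stable  example-org       -
EOF
}

# Reads `snap list` text on stdin.
# Prints one line per finding: name<TAB>publisher<TAB>comma-separated reasons.
audit_snaps() {
    awk '
    NR == 1 { next }                 # skip the column header
    NF < 5  { next }                 # skip lines that are not snap rows
    {
        name = $1; publisher = $5
        notes = (NF >= 6) ? $6 : "-"
        reasons = ""

        # Notes may hold several comma-separated flags.
        n = split(notes, flags, ",")
        for (i = 1; i <= n; i++)
            if (flags[i] == "classic" || flags[i] == "devmode")
                reasons = reasons (reasons ? "," : "") flags[i]

        # Verified publishers end in the check mark or its ASCII form "**".
        if (publisher !~ /(✓|\*\*)$/)
            reasons = reasons (reasons ? "," : "") "unverified-publisher"

        if (reasons != "")
            printf "%s\t%s\t%s\n", name, publisher, reasons
    }'
}

# Demo on the constructed sample; on a real system: snap list | audit_snaps
sample_snap_list | audit_snaps
```

A finding is a prompt for review, not proof of a problem: strictly confined snaps from unverified publishers are common, while `classic` snaps run with the full permissions of the invoking user.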