On 2021-04-10 11:22, Daniel Noga wrote:
Dne 09. 04. 21 v 20:10 Attila Pinter napsal(a):
These are HUGE news! A very big thank you to everybody making this possible!
Would it be possible to make `SELinux` the default instead of AppArmor on Tumbleweed as well? Feel like that it would be a pretty good step towards enhancing security.
Does "SELinux default on Tumbleweed" mean, that we will lose security on Canonical's snap packages?
As far as I'm aware snapd confinement has always been broken on all openSUSE distributions
Checking for confinement has never has returned 'strict' on any snap package I've ever seen run on openSUSE
Given that and the fact that snapd doesn't exist in any openSUSE distribution on account of it failing security audits my advice would be "if you worry about security, you shouldn't be running Canonical's snap packages"