Snap apps might not be everyone’s favourite Linux packaging format, but there’s no denying that momentum is fast gathering behind the tech, particularly from commercial app vendors like Microsoft.
And one key selling point snap apps have over traditional app distribution methods is improved security.
Snap apps, the Snapcraft website boasts, are “safe to run”:
“Not only are snaps kept separate, their data is kept separate too. Snaps communicate with each other only in ways that you approve”
A great example of the control we have over these sandboxed apps can be found in the desktop Ubuntu Software store.
Here, a “Permissions” button is shown in the store listing for Snaps you have installed. Clicking the button opens a small dialog with options to enable/disable various permissions:
In the screenshot above you can see the permissions dialog presented for the official Spotify snap app, which I have installed on my system.
It lists three permissions that I, as a user, have control over, two of which are enabled:
- Access files in your home folder
- Read system mount information and disk quotas
- Play and record sound
When I installed (and first launched) the Spotify snap app I was not asked to grant any of the permissions that are listed. So why and how are they already enabled?
Remember to Check Auto-connect Permissions
Certain permissions (‘interfaces‘ in Snapcraft parlance) are granted automatically when you make the decision to install a Snap app.
You can enable/disable Snap app permissions at any time, just like on recent versions Android
These “auto connect” permissions typically cater to core functionality, such as being able to draw a window using the display server, or play sound through your speakers.
Other auto connect permissions tend to be helpful rather than functional, like allowing an app to open non-hidden files kept in your home directory.
Canonical encourages Snap app developers to make interfaces optional where possible, and suggests that devs instead ask users to enable a permission via an in-app dialog the first time they try to access a feature that has additional requirements.
The benefit with Snap versions of apps is that you’re (mostly) in control of these permissions, even after they’ve been granted or okayed.
You can enable/disable Snap app permissions at any time, just like on more recent versions Android.
And my screen you can see that Spotify has access to read my home folder files. I don’t want Spotify to be able to have this access because, quite simply, I have zero intention of using Spotify to play local MP3 files (a feature people often forget it has).
Using the Snap permissions manager in the Ubuntu Software tool I can disable that ability very easily.
No command line flags, no hidden dconf settings, no drama; just straightforward control over the software that’s running on my system.