Aqua Nautilus researchers have identified a security issue that arises from the interaction between Ubuntu’s command-not-found package and the snap package repository. While command-not-found serves as a convenient tool for suggesting installations for uninstalled commands, it can be inadvertently manipulated by attackers through the snap repository, leading to deceptive recommendations of malicious packages. Additionally, our …

Aqua Nautilus researchers have identified a security issue that arises from the interaction between Ubuntu’s command-not-found package and the snap package repository. While command-not-found serves as a convenient tool for suggesting installations for uninstalled commands, it can be inadvertently manipulated by attackers through the snap repository, leading to deceptive recommendations of malicious packages.

  • @[email protected]
    711 months ago

    Yeah, fuck snap. I’ve been actively recommending against using Ubuntu because of it to new users.

    • Norah (pup/it/she)English
      511 months ago

      I’ve been really enjoying LMDE (Linux Mint Debian Edition) as a main distro. It asks you during the install what package systems you want to include and you can just not select snap 👌