> 2) security is better Sorry to say that, but : no. It’s very weaker than plain old Debian package. Currently, your snap embeds : libevent openssl pthreads libasan2 libubsan python 2.7 python-torctl tor-arm tor Any security change on one of those embeded libraries require *you* rebuild and upload a new snap to fix the problem. This is very problematic for at least openssl (very frequent security fix) and tor/torctl/tor-arm (now, *you* need to follow every official releases of those 3 parts and deliver a new snap each time). On a plain old Debian package, a security change impacts only *one* package (not *all* apps) and require only *the maintainer* of the lib package (not *all* apps ones) to rebuild and deploy. And this fixes *every* other package using this lib without extra step. Snap, docker and more generally all packaging system embeding libs inside are just a nightmare in terms of security update. <3 -- Aeris Individual crypto-terrorist group self-radicalized on the digital Internet https://imirhil.fr/ Protect your privacy, encrypt your communications GPG : EFB74277 ECE4E222 OTR : 5769616D 2D3DAC72 https://café-vie-privée.fr/
Attachment:
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ tor-relays mailing list tor-relays@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays