On Jul 22, 2016 5:48 PM, "Neal Gompa" <firstname.lastname@example.org> wrote:
> This is done through the "plugs" and "slots" that can be used to
> create interfaces among them. This is a true superset of the
> capability provided by Flatpak through Portals, since it can be used
> to export non-DBus oriented communications mechanisms. This is
> described on the Snapcraft documentation.
I think (from reading the docs a bit -- I haven't tried it or looked at the code) that snap interfaces are powerful but not in a good way for desktop apps. They seem to work a lot like Android permissions -- an app asks for an interface and won't work without it. The trouble is that they're very coarse grained and grant global access. I, as a user, don't want to give my apps $HOME access, and I don't want apps written to expect $HOME access. Apps should automatically get permission to show a file open box and get that file only.
Flatpak gets this right.
Admittedly, the Flatpak approach won't work directly for, say, a web server. But IMO it would much better if, instead of "network-bind", there was "bind-port" and admins could connect their server to the specific port it needed.