On Jul 22, 2016 5:48 PM, "Neal Gompa" <ngompa13@gmail.com> wrote:
> This is done through the "plugs" and "slots" that can be used to
> create interfaces among them. This is a true superset of the
> capability provided by Flatpak through Portals, since it can be used
> to export non-DBus oriented communications mechanisms. This is
> described on the Snapcraft documentation[0].

I think (from reading the docs a bit -- I haven't tried it or looked at the code) that snap interfaces are powerful but not in a good way for desktop apps.  They seem to work a lot like Android permissions -- an app asks for an interface and won't work without it.  The trouble is that they're very coarse grained and grant global access.  I, as a user, don't want to give my apps $HOME access, and I don't want apps written to expect $HOME access.  Apps should automatically get permission to show a file open box and get that file only.

Flatpak gets this right.

Admittedly, the Flatpak approach won't work directly for, say, a web server.  But IMO it would much better if, instead of "network-bind", there was "bind-port" and admins could connect their server to the specific port it needed.