[tor-relays] new relay package for Ubuntu 16.04+
aeris+tor at imirhil.fr
Wed Aug 24 14:43:54 UTC 2016
> 2) security is better
Sorry to say that, but : no. It’s very weaker than plain old Debian package.
Currently, your snap embeds :
Any security change on one of those embeded libraries require *you* rebuild
and upload a new snap to fix the problem. This is very problematic for at
least openssl (very frequent security fix) and tor/torctl/tor-arm (now, *you*
need to follow every official releases of those 3 parts and deliver a new snap
On a plain old Debian package, a security change impacts only *one* package
(not *all* apps) and require only *the maintainer* of the lib package (not
*all* apps ones) to rebuild and deploy. And this fixes *every* other package
using this lib without extra step.
Snap, docker and more generally all packaging system embeding libs inside are
just a nightmare in terms of security update.
Individual crypto-terrorist group self-radicalized on the digital Internet
Protect your privacy, encrypt your communications
GPG : EFB74277 ECE4E222
OTR : 5769616D 2D3DAC72
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 801 bytes
Desc: This is a digitally signed message part.
More information about the tor-relays