|
|
|
|
|
|
by enzanki_ars
1584 days ago
|
|
|
In terms of that Adobe Acrobat Reader snap, how am I supposed to trust that the container is a maintained, trustworthy, and official version of the application? That looks to me sketchy to use as to my knowledge Acrobat Reader hasn't be released on Linux in over 9 years, and shouldn't be used/trusted given the large number of potential vulnerabilities... This is the reason I don't trust snaps, as I have 0 way of auditing it. I know that there is a "verified" mechanism in snapcraft, but not all apps that are "official" or "trusted" have that tag, such as MusicBrainz Picard, published by the MusicBrainz team, so the only way I know they support it is going back to the official website, which also offers a more conventional PPA that is also easier to audit and trust given the GPG key processes in place there, which _should_ be a bit more trustworthy. |
|
|
Is that code the same as the one the other commenter linked? Not sure, doesn't seem to be a way to tell, as you've mentioned. (That was quite a surprise to me, even Flatpak's Flathub has a little "see details" link to GitHub.) But it would make sense as Adobe has indeed not maintained Acrobat for Linux in many years.