I've not used Snap, Flatpak, AppImage and all the other types of app packaging tools before.
What are the benefits? Are they effectively like bundling an application with all its dependencies?
Is it a way of running "native" apps instead of in a docker container?
The negatives of snap, at least, were that most apps became 'un-skinned' and looked like unthemed things you'd launch directly in an X11 session, so they look like their base-worst, and so on, in my experience. The first Ubuntu LTS I tried that had snap even had problems with the [snap-packed] calculator, which for some dumb reason was a snap app instead of a .deb (I'm talking the main included/internal calc app), and the VLC snap package I tried was totally unskinned, due to being snap'ped I suppose, as the PPA etc. .deb versions of VLC certainly were and looked better.
Now I am on EndeavourOS, an Arch-based distro, easy to use and set up, and this is due to snap being introduced in Ubuntu directly, plus not wanting the PPA chase-game, et cetera. It's just an/my opinion(s), and certainly not a pointer. Just being objective from my own perspectives, here. Got nothing against Ubuntu or anything, it's a free world, thankfully, still.
Tell me about it. `df -m` was like miles long. And it [meaning snap] had separate auto-update procedures and janitorial daemons, which I had a hell of a time removing and disabling etc. I guess the best thing about snap is that you can uninstall all of them, I hope, and find the alternatives of the same features either in the main repositories or through every-lovable PPA. I loved 12.04 LTS, 14.04 LTS, even, but this is too much. I had to leave, man. Had to be there to know it.
There is sandboxing to protect the security of your computer.
An application that runs as a snap does not see the system-wide "/tmp". They get their own /tmp. If the snap is chromium, it has /tmp/snap.chromium/
The chromium snap would not be able to view files outside your $HOME. Also, it would not be able to read any dot files in your $HOME. Any configuration it makes is separated into $HOME/snap/chromium/
There are a few rough edges, but the end of the discussion is that you get better security if something goes wrong, and it makes it cheaper for maintainers to create updated packages and distribute them.
They claim that it does sandboxing, which to my knowledge was never actually activated in any meaningful way.
I have used flatpaks on Fedora, which was nice, and I also built some, which was quite painless. I hate that I can't launch them from the terminal like usual though.
You're right regarding the sandboxing. Snaps use 'plugs' to add sandbox exceptions that can be configured by the package author and enabled at install time, e.g. to allow access to your home area or the network.
Even if the sandboxing may technically prevent the package escalating to root or whatever, this is a fairly moot point on a personal computer as everything valuable is probably in your home area.
Common packaging layer between distros and independent packaging. You don't end up in a situation where the software is packaged for Ubuntu, but not RedHat for example.
> Are they effectively like bundling an application with all its dependencies?
Kind of. Some dependencies, yes. But there are many layers which apps can depend on, so for example I've got an app which depends on "GNOME Application Platform version 3.36" - that is shared between apps which need it.
> Is it a way of running "native" apps instead of in a docker container?
Pretty much. Docker is more convenient for server software. For GUI apps, flatpak/snap/appimage provide a nicer interface and more targeted sandboxing. For example, flatpak allows limiting which DBus interfaces are reachable, which is not doable in docker. It also allows things like "filesystems=xdg-download;home:ro;" which protects your home directory files from being overwritten.
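As an added illustration (not part of any post in this thread), here is a short Python check that reads a Flatpak `metadata` keyfile and reports the filesystem, network and session-bus grants of the kind mentioned above. The sample metadata, the app ID, the bus name and the function names are constructed for the example.

```python
import configparser

# Constructed sample in Flatpak's metadata keyfile format. The app ID and bus
# name are made up; the filesystems line is the one quoted in the thread.
SAMPLE_METADATA = """\
[Application]
name=org.example.Viewer

[Context]
shared=network;ipc;
filesystems=xdg-download;home:ro;

[Session Bus Policy]
org.freedesktop.Notifications=talk
"""

BROAD_PATHS = {"host", "home"}  # grants that cover most of a user's data

def split_list(value):
    """Flatpak list values are ';'-separated, usually with a trailing ';'."""
    return [item.strip() for item in value.split(";") if item.strip()]

def parse_filesystems(value):
    """Return (path, mode) pairs; an entry without a suffix is read-write."""
    grants = []
    for entry in split_list(value):
        path, sep, mode = entry.rpartition(":")
        if sep and mode in ("ro", "rw", "create"):
            grants.append((path, mode))
        else:
            grants.append((entry, "rw"))
    return grants

def audit(metadata_text):
    """Summarise what the sandbox lets the app reach."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.optionxform = str  # keep D-Bus names case-sensitive
    cp.read_string(metadata_text)
    context = dict(cp["Context"]) if cp.has_section("Context") else {}
    bus = dict(cp["Session Bus Policy"]) if cp.has_section("Session Bus Policy") else {}
    grants = parse_filesystems(context.get("filesystems", ""))
    return {
        "filesystems": grants,
        "writable_broad": [p for p, m in grants if p in BROAD_PATHS and m != "ro"],
        "network": "network" in split_list(context.get("shared", "")),
        "session_bus": bus,
    }

if __name__ == "__main__":
    print(audit(SAMPLE_METADATA))
```

With the quoted `home:ro` grant the `writable_broad` list is empty; dropping the `:ro` suffix makes `home` show up there.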
What are the benefits? Are they effectively like bundling an application with all its dependencies? Is it a way of running "native" apps instead of in a docker container?
What should I and shouldn't I be using it for?