I didn’t say people were forced to use snap, just that they’re the default. But if they’re to be made the default, they should be a good experience.
A couple years ago they switched Gnome Calculator a preinstalled snap and it had very long launch times despite being such a simple app.
Later on they made Firefox a snap (and removed the deb) despite it having long launch times and no native messaging support (used by stuff like password managers).
They made a snap version of Steam and pushed it to the stable channel despite it having many known issues. Those using the graphical store only have the option to get the snap version of Steam as the store is snap-only. It took them a while to make games work by removing a bunch of snap’s sandboxing for it.
As for the sandboxing stuff. Ubuntu using AppArmor, a Mandatory Access Control (MAC) that is used to make the system more secure by creating profiles used to confine certain pieces of software. If they try to do something the profile doesn’t allow them to do, it gets blocked.
Snap uses AppArmor to manage the sandbox of snaps. However, AppArmor isn’t the only MAC around. Fedora and OpenSUSE use something else called SELinux, which has a similar purpose. But snap doesn’t speak SELinux, it only speaks AppArmor. So none of the fancy AppArmor profiles used to contain snaps actually work on those distros, the sandbox it does have is so weak it’s insignificant. Canonical could have addressed this by adding SELinux support to snap, but they haven’t, they pretty much only care about Ubuntu and Debian. And as I mentioned before, Ubuntu patches AppArmor to add more functionality. But they have failed to upstream these patches, so only Ubuntu (and maybe Debian?) have access to the strongest sandboxing snap can offer.
On the other hand, flatpak uses bubblewrap to sandbox its applications. Bubblewrap uses standard Linux security features to sandbox apps rather than a specific MAC. That means the flatpak sandbox is strong regardless of which distro you are using. Although it does have some downsides. Flatpak doesn’t speak to either MAC, which can be a problem since the MAC can confine the flatpak application more than is expected. For example, OpenSUSE ships some SELinux policies that allows Wine/Proton to function as expected. However, these policies don’t get installed when you use Steam or any other launcher as a flatpak. It’s something you have to do manually. Meanwhile if flatpak actually talked to the MAC (like snap does with AppArmor), then this wouldn’t be a problem.
I didn’t say people were forced to use snap, just that they’re the default. But if they’re to be made the default, they should be a good experience.
As for the sandboxing stuff. Ubuntu using AppArmor, a Mandatory Access Control (MAC) that is used to make the system more secure by creating profiles used to confine certain pieces of software. If they try to do something the profile doesn’t allow them to do, it gets blocked.
Snap uses AppArmor to manage the sandbox of snaps. However, AppArmor isn’t the only MAC around. Fedora and OpenSUSE use something else called SELinux, which has a similar purpose. But snap doesn’t speak SELinux, it only speaks AppArmor. So none of the fancy AppArmor profiles used to contain snaps actually work on those distros, the sandbox it does have is so weak it’s insignificant. Canonical could have addressed this by adding SELinux support to snap, but they haven’t, they pretty much only care about Ubuntu and Debian. And as I mentioned before, Ubuntu patches AppArmor to add more functionality. But they have failed to upstream these patches, so only Ubuntu (and maybe Debian?) have access to the strongest sandboxing snap can offer.
On the other hand, flatpak uses bubblewrap to sandbox its applications. Bubblewrap uses standard Linux security features to sandbox apps rather than a specific MAC. That means the flatpak sandbox is strong regardless of which distro you are using. Although it does have some downsides. Flatpak doesn’t speak to either MAC, which can be a problem since the MAC can confine the flatpak application more than is expected. For example, OpenSUSE ships some SELinux policies that allows Wine/Proton to function as expected. However, these policies don’t get installed when you use Steam or any other launcher as a flatpak. It’s something you have to do manually. Meanwhile if flatpak actually talked to the MAC (like snap does with AppArmor), then this wouldn’t be a problem.