Hello all, just looking at the review-tools snap’s listing:
$ snap info review-tools
name: review-tools
summary: Review tools for snappy
publisher: Canonical✓
And I am wondering whether it would be possible for an evil actor to just append a check mark✓ to their display name to impersonate as a verified/trusted publisher?
e.g. By adding to the Full name field here:
Not gonna try it myself as it’s definitely going to be flagged as one of the malicious behaviors, but still, hopefully it is already dealt with by the store.