Linux

13976 readers

410 users here now

A community for everything relating to the GNU/Linux operating system (except the memes!)

Also, check out:

Original icon base courtesy of lewing@isc.tamu.edu and The GIMP

founded 3 years ago

MODERATORS

Ategon@programming.dev

anzo@programming.dev

dwraf_of_ignorance@programming.dev

174

Arch Linux AUR Malware Campaign Hits Multiple User-Contributed Packages (linuxiac.com)

submitted 3 days ago by cm0002@lemy.lol to c/linux@programming.dev

69 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] mlfh@lm.mlfh.org 34 points 3 days ago (1 children)

Of course the secondary opt-in user repo with unvetted package maintainers is infected with malware, it'd be a miracle if it weren't! They warn as much in the docs. Use at your own risk, or package and maintain it yourself, because you're likely not finding it packaged more reliably elsewhere.

And I love Debian, but if you think the Debian repos with 30,000+ packages and 1000+ community maintainers aren't also infected with malware...

[–] ZombieCyborgFromOuterSpace@lemmy.ca 1 points 1 day ago

There hasn't been a single reported incident so far. So, as far as we know... No. They aren't infected.

And I trust the community of elders that take care of the Debian distro. They have been reliable and solid. They don't just throw anything at the users on Stable. Even Testing is considered safer than most distributions.