Linux

13986 readers

582 users here now

A community for everything relating to the GNU/Linux operating system (except the memes!)

Also, check out:

Original icon base courtesy of lewing@isc.tamu.edu and The GIMP

founded 3 years ago

MODERATORS

Ategon@programming.dev

anzo@programming.dev

dwraf_of_ignorance@programming.dev

175

Arch Linux AUR Malware Campaign Hits Multiple User-Contributed Packages (linuxiac.com)

submitted 4 days ago by cm0002@lemy.lol to c/linux@programming.dev

69 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] excel@lemming.megumin.org 9 points 4 days ago (1 children)

The way to prevent it is to get more stuff into the official repos so people aren’t forced to rely on AUR in the first place.

[–] 1984@lemmy.today 0 points 4 days ago* (last edited 4 days ago) (1 children)

It depends. There are trusted well known packages and those can be trusted in my opinion. But I wouldn't install any random package someone made.

And how would moving the packages into official repo solve anything? The reason it's in the AUR is because the arch maintainers don't have time to maintain packages.

[–] bitfucker@programming.dev 0 points 2 days ago

But the orphaned packages in the official repo can't be adopted by just about anyone