Virual@lemmy.dbzer0.com to Linux@lemmy.mlEnglish · 2 days agoArch Linux's AUR Sees More Than 400 Packages Compromised With Malwarewww.phoronix.comexternal-linkmessage-square85fedilinkarrow-up1264arrow-down10cross-posted to: archlinux@lemmy.mlsecurity@lemmy.mllinux@sopuli.xyz
arrow-up1264arrow-down1external-linkArch Linux's AUR Sees More Than 400 Packages Compromised With Malwarewww.phoronix.comVirual@lemmy.dbzer0.com to Linux@lemmy.mlEnglish · 2 days agomessage-square85fedilinkcross-posted to: archlinux@lemmy.mlsecurity@lemmy.mllinux@sopuli.xyz
minus-squareJames@lemmy.calinkfedilinkarrow-up10·1 day agoThe AUR is basically just a shortcut for downloading random shit off GitHub. It gives un-experienced users a false sense of security.
minus-squareHaraldvonBlauzahn@feddit.orglinkfedilinkarrow-up1·edit-218 hours ago The AUR is basically just a shortcut for downloading random shit off GitHub. It gives un-experienced users a false sense of security. As is “pip install” by the way.
minus-squaresoftotteep@pawb.sociallinkfedilinkEnglisharrow-up1·23 hours agoThe false sense of security is actually caused by people saying the AUR is the easiest way to safely get all your packages, when in reality the AUR itself tells you to always review PKGBUILDs and to not blindly trust AUR packages.
The AUR is basically just a shortcut for downloading random shit off GitHub.
It gives un-experienced users a false sense of security.
As is “pip install” by the way.
The false sense of security is actually caused by people saying the AUR is the easiest way to safely get all your packages, when in reality the AUR itself tells you to always review PKGBUILDs and to not blindly trust AUR packages.