Drew Lehman on 10 Dec 2009 08:44:57 -0800

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] trusting linux packages

Once Linux becomes more mainstream and non-techie people demand more,
this scenario is much more likely to happen.  Imagine what will happen
when people can't get what they want from the central repositories.  I
don't think most people will consider the security issues and will
simply add new repositories under the instructions of some odd website.
 This could lead to a rash of malware under Linux.

Chad Waters wrote:
> http://theravingrick.blogspot.com/2009/12/and-so-it-begins.html
> Someone uploaded a malicious script hidden in a deb purported to be a
> screensaver at gnome-look.org
> Its a different scenario, but this is why I cringe when I see a
> sources.list with 10 random unofficial repositories.

Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug