104
Active AUR malicious packages incident (archlinux.org)
submitted 1 day ago by nemeski@mander.xyz to c/linux@programming.dev
27 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[-] 9tr6gyp3@lemmy.world 3 points 1 day ago

Yeah, I bet the build process could also be sandboxed, but Im sure its not the default.

[-] defaultusername@lemmy.dbzer0.com 4 points 1 day ago

Sandboxing the build process would be a process. Nix already does it, for example. Many AUR packages don't include a full list of dependencies.

this post was submitted on 12 Jun 2026
104 points (100.0% liked)

Linux

13931 readers
429 users here now

A community for everything relating to the GNU/Linux operating system (except the memes!)

Also, check out:

Original icon base courtesy of lewing@isc.tamu.edu and The GIMP

founded 3 years ago
MODERATORS
Ategon@programming.dev
anzo@programming.dev
dwraf_of_ignorance@programming.dev