logoalt Hacker News

ChocolateGodtoday at 2:59 PM2 repliesview on HN

> apt/dnf scripts run on packages a maintainer signed and a distro gatekept

Unfortunately apt/dnf isn't much better here because random tutorials online suggest people add random repositories where the creator of any repository effectively has root access to anyone machine that adds it as a remote.

Replies

orpheatoday at 3:22 PM

Don't add random repositories from random tutorials? Come on, it's basic Internet hygiene. Entirely different thing.

show 1 reply
Zardoz84today at 4:08 PM

It's the exact same problem when random tutorials (and official pages) recommend to do a curl "URL" | bash to install something. Every time that I see it, I look it suspicious.