Nemeski@mander.xyz to Linux@programming.dev · 1 month agoActive AUR malicious packages incidentarchlinux.orgexternal-linkmessage-square27linkfedilinkarrow-up1105arrow-down10
arrow-up1105arrow-down1external-linkActive AUR malicious packages incidentarchlinux.orgNemeski@mander.xyz to Linux@programming.dev · 1 month agomessage-square27linkfedilink
minus-square9tr6gyp3@lemmy.worldlinkfedilinkEnglisharrow-up6·1 month agoAUR packages can be sandboxed with many different solutions. Any pckage can be sandboxed really.
minus-squareDefault Username@lemmy.dbzer0.comlinkfedilinkEnglisharrow-up9·1 month agoThis attack was executed by a script running in the PKGBUILD itself. You didn’t have to run the application to be infected since just building it will infect your machine.
minus-square9tr6gyp3@lemmy.worldlinkfedilinkEnglisharrow-up3·1 month agoYeah, I bet the build process could also be sandboxed, but Im sure its not the default.
minus-squareDefault Username@lemmy.dbzer0.comlinkfedilinkEnglisharrow-up4·1 month agoSandboxing the build process would be a process. Nix already does it, for example. Many AUR packages don’t include a full list of dependencies.
minus-squarepatlefort@lemmy.worldlinkfedilinkarrow-up2·1 month agoIt also had an install script that will be run as root when the package is installed. Can’t sandbox that.
AUR packages can be sandboxed with many different solutions. Any pckage can be sandboxed really.
This attack was executed by a script running in the PKGBUILD itself. You didn’t have to run the application to be infected since just building it will infect your machine.
Yeah, I bet the build process could also be sandboxed, but Im sure its not the default.
Sandboxing the build process would be a process. Nix already does it, for example. Many AUR packages don’t include a full list of dependencies.
It also had an install script that will be run as root when the package is installed. Can’t sandbox that.