Nemeski@mander.xyz to Linux@programming.dev · 2 days agoActive AUR malicious packages incidentarchlinux.orgexternal-linkmessage-square27linkfedilinkarrow-up1104arrow-down10
arrow-up1104arrow-down1external-linkActive AUR malicious packages incidentarchlinux.orgNemeski@mander.xyz to Linux@programming.dev · 2 days agomessage-square27linkfedilink
minus-square9tr6gyp3@lemmy.worldlinkfedilinkEnglisharrow-up6·2 days agoAUR packages can be sandboxed with many different solutions. Any pckage can be sandboxed really.
minus-squareDefault Username@lemmy.dbzer0.comlinkfedilinkEnglisharrow-up9·2 days agoThis attack was executed by a script running in the PKGBUILD itself. You didn’t have to run the application to be infected since just building it will infect your machine.
minus-squarepatlefort@lemmy.worldlinkfedilinkarrow-up2·1 day agoIt also had an install script that will be run as root when the package is installed. Can’t sandbox that.
minus-square9tr6gyp3@lemmy.worldlinkfedilinkEnglisharrow-up3·2 days agoYeah, I bet the build process could also be sandboxed, but Im sure its not the default.
minus-squareDefault Username@lemmy.dbzer0.comlinkfedilinkEnglisharrow-up4·2 days agoSandboxing the build process would be a process. Nix already does it, for example. Many AUR packages don’t include a full list of dependencies.
AUR packages can be sandboxed with many different solutions. Any pckage can be sandboxed really.
This attack was executed by a script running in the PKGBUILD itself. You didn’t have to run the application to be infected since just building it will infect your machine.
It also had an install script that will be run as root when the package is installed. Can’t sandbox that.
Yeah, I bet the build process could also be sandboxed, but Im sure its not the default.
Sandboxing the build process would be a process. Nix already does it, for example. Many AUR packages don’t include a full list of dependencies.