106
submitted 1 month ago by nemeski@mander.xyz to c/linux@programming.dev
you are viewing a single comment's thread
view the rest of the comments
[-] defaultusername@lemmy.dbzer0.com 9 points 1 month ago* (last edited 1 month ago)

This attack was executed by a script running in the PKGBUILD itself. You didn't have to run the application to be infected since just building it will infect your machine.

[-] 9tr6gyp3@lemmy.world 3 points 1 month ago

Yeah, I bet the build process could also be sandboxed, but Im sure its not the default.

[-] defaultusername@lemmy.dbzer0.com 4 points 1 month ago

Sandboxing the build process would be a process. Nix already does it, for example. Many AUR packages don't include a full list of dependencies.

[-] patlefort@lemmy.world 2 points 1 month ago

It also had an install script that will be run as root when the package is installed. Can't sandbox that.

this post was submitted on 12 Jun 2026
106 points (100.0% liked)

Linux

14309 readers
450 users here now

A community for everything relating to the GNU/Linux operating system (except the memes!)

Also, check out:

Original icon base courtesy of lewing@isc.tamu.edu and The GIMP

founded 3 years ago
MODERATORS