[aur-general] acroread package compromised
Ben Oliver
ben at bfoliver.com
Mon Jul 9 14:53:17 UTC 2018
On 18-07-09 11:37:03, Giancarlo Razzolini via aur-general wrote:
>This is why we insist users always download the PKGBUILD from the AUR,
>inspect it and
>build it themselves. Helpers that do everything automatically and users that don't pay
>attention, *will* have issues. You should use helpers even more so at your risk than
>the AUR itself.
Agreed. It's important to understand what the AUR is and how it works
before using it.
Without this, a helper is simply granting anyone permission to run
scripts on your computer.
If you are at all surprised by this takeover, then defintely start
reading the wiki:
https://wiki.archlinux.org/index.php/Arch_User_Repository
https://wiki.archlinux.org/index.php/PKGBUILD
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <https://lists.archlinux.org/pipermail/aur-general/attachments/20180709/b8616789/attachment.asc>
More information about the aur-general
mailing list