[aur-general] acroread package compromised

Giancarlo Razzolini grazzolini at archlinux.org
Mon Jul 9 15:10:32 UTC 2018

Em julho 9, 2018 11:53 Ben Oliver via aur-general escreveu:
> Agreed. It's important to understand what the AUR is and how it works 
> before using it.

Yes. Which is why we have warnings everywhere.

> Without this, a helper is simply granting anyone permission to run 
> scripts on your computer.

Wildly exaggerated. A good helper will inform the user. It should be up
to the user ultimately to check things, helper or not.

> If you are at all surprised by this takeover, then defintely start 
> reading the wiki:
> https://wiki.archlinux.org/index.php/Arch_User_Repository
> https://wiki.archlinux.org/index.php/PKGBUILD

Look my email address domain portion.

Giancarlo Razzolini
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 870 bytes
Desc: not available
URL: <https://lists.archlinux.org/pipermail/aur-general/attachments/20180709/4e5758b6/attachment.sig>

More information about the aur-general mailing list