Linux

65723 readers

610 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
No misinformation
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 7 years ago

MODERATORS

nooter692@lemmy.ml

AgreeableLandscape@lemmy.ml

MarcellusDrum@lemmy.ml

cypherpunks@lemmy.ml

cyclohexane@lemmy.ml

d3Xt3r@lemmy.nz

167

Arch Linux AUR Malware Campaign Hits Multiple User-Contributed Packages (linuxiac.com)

submitted 16 hours ago by Vittelius@feddit.org to c/linux@lemmy.ml

51 comments fedilink hide all child comments

Arch Linux’s AUR is experiencing a malware incident involving user-contributed packages with malicious commits that attempt to download npm-based payloads during installation. (...)

Arch users should not update AUR packages without review. Examine PKGBUILD diffs, check any new .install files, and be cautious if updates introduce npm commands or dependencies unrelated to the software.

Users who recently updated affected AUR packages should review package history, examine executed suspicious install scripts, and treat any unexpected npm-based installation behavior as a possible compromise.

you are viewing a single comment's thread
view the rest of the comments

[–] SolarPunker@slrpnk.net 9 points 13 hours ago (1 children)

That's another reason I like cachyos: they have a curated list of aur pkgs in their repo.

[–] Luckyfriend222@lemmy.world 5 points 12 hours ago (2 children)

I too use CachyOS. But i am very new to it. Why are we more 'protected' than straight up Arch users? I like Cachy, but have a gripe with how some applications behave, especially Java based Apps, that have a native installer in AUR (not building from source). I have one application that is built in JAVA, and the text is so freaking small, all the pop-up windows open on the wrong place which makes the pointer inaccurate etc. But I digress. The question was more why should we feel more relaxed than the Arch guys and gals?

[–] SolarPunker@slrpnk.net 1 points 7 hours ago

It's like having a "double check" from a trusted source, they compile selected stuff from the aur so I suppose it's a little more safe for the random user.

[–] gegil@sopuli.xyz 1 points 10 hours ago (1 children)

This is propably because app does not support fractional scaling. Some apps that does not support fractional scaling will either not be scaled (rendered at native display resolution), or scaled by system (will look blurry because window resolution does not match display resolution).

[–] Luckyfriend222@lemmy.world 1 points 10 hours ago

That makes sense. What is weird though is the dev wrote the app for multiple platforms, including Debian, RPM-based and a few others. So it not like it is one of those ‘compile only from source and good luck to yah’ kinda apps.

But thank you for the response. I do appreciate you taking the time!