oss-sec mailing list archives
Re: Mitigating malicious packages in gnu/linux
From: "Stuart D. Gathman" <stuart () gathman org>
Date: Tue, 19 Nov 2019 09:08:32 -0500 (EST)
On Tue, 19 Nov 2019, Morten Linderud wrote:
On Tue, Nov 19, 2019 at 01:33:48PM +0200, Georgi Guninski wrote:* As end user what can I do to mitigate malicious packages?The answer to this is complicated.
... an excellent overview from Morten, recommended readingMy tidbit is that when starting with a new package, I run it in a virtual machine until my confidence begins to exceed the annoyance
of going through a VM (generally a year or so). A container may be sufficient for a non-root application. -- Stuart D. Gathman <stuart () gathman org> "Confutatis maledictis, flamis acribus addictis" - background song for a Microsoft sponsored "Where do you want to go from here?" commercial.
Current thread:
- Mitigating malicious packages in gnu/linux Georgi Guninski (Nov 19)
- Re: Mitigating malicious packages in gnu/linux Morten Linderud (Nov 19)
- Re: Mitigating malicious packages in gnu/linux Stuart D. Gathman (Nov 19)
- Re: Mitigating malicious packages in gnu/linux Tim Kuijsten (Nov 19)
- Re: Mitigating malicious packages in gnu/linux Ludovic Courtès (Nov 19)
- Re: Mitigating malicious packages in gnu/linux Morten Linderud (Nov 19)
- Re: Mitigating malicious packages in gnu/linux Pavel Heimlich (Nov 19)
- Re: Mitigating malicious packages in gnu/linux Jakub Wilk (Nov 19)
- Re: Mitigating malicious packages in gnu/linux Solar Designer (Nov 20)
- Re: Mitigating malicious packages in gnu/linux Russ Allbery (Nov 20)
- Re: Mitigating malicious packages in gnu/linux Solar Designer (Nov 20)
- Re: Mitigating malicious packages in gnu/linux Mark Hatle (Nov 20)
- Re: Mitigating malicious packages in gnu/linux Russ Allbery (Nov 20)
- Re: Mitigating malicious packages in gnu/linux Aditya Sirish Arunkumar Yelgundhalli (Nov 20)
- Re: Mitigating malicious packages in gnu/linux Morten Linderud (Nov 19)