On Thu, Jul 1, 2021 at 1:27 PM Jeremy Stanley wrote:
> There's nothing especially wrong about using signed-by, but
> it's not the security fix some people seem to believe. In short,
> *any* package you install can run arbitrary commands as the root
> user on your system during installation. Only ever install packages
> from sources you implicitly trust, since the people who control
> those packages also essentially control your system.
For sophisticated users it isn't very hard to verify that packages don't do anything malicious as root. `apt install --download-only`, `dpkg-deb --raw-extract`, read the maintainer scripts and check which files are installed into the package. Often running the installed software as a separate user will be good enough isolation for the user parts. For anything more isolated than that you probably want to use containment solutions (such as QubesOS, or Flatpak or VMs), probably generated from Debian binary packages for the security support and other advantages provided.

-- 
bye,
pabs

https://wiki.debian.org/PaulWise
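An added example to go with the procedure above (this is not code from the post, from dpkg or from Debian). It does with the Python standard library what `dpkg-deb --raw-extract` lets you look at by hand: it reads the ar container of a .deb, pulls the control file and the maintainer scripts out of control.tar (those scripts are what dpkg runs as root), lists every file data.tar would place on the system, and flags the things worth reading first: any maintainer script, setuid/setgid files, and files dropped into paths such as /etc/cron.d that get executed as root later. The package it inspects is a toy one built in memory so the script runs offline; its name, paths and script contents are made up for illustration, and the list of "root hook" paths is my own, not a dpkg definition.

```python
"""Look inside a .deb without installing it (added example, not from the post)."""
import gzip
import io
import lzma
import sys
import tarfile

AR_MAGIC = b"!<arch>\n"
MAINT_SCRIPTS = ("preinst", "postinst", "prerm", "postrm", "config")
# Illustrative list of places where a dropped file later runs as root.
ROOT_HOOK_PREFIXES = ("/etc/cron", "/etc/sudoers", "/etc/init.d", "/etc/profile.d",
                      "/etc/systemd/system", "/lib/systemd/system",
                      "/usr/lib/systemd/system", "/etc/apt", "/etc/ld.so.conf.d")


def _ar_member(name: bytes, data: bytes) -> bytes:
    """Encode one member in the ar(1) common format that .deb files use."""
    header = (name.ljust(16) + b"0".ljust(12) + b"0".ljust(6) + b"0".ljust(6)
              + b"100644".ljust(8) + str(len(data)).encode().ljust(10) + b"`\n")
    return header + data + (b"\n" if len(data) % 2 else b"")


def _tar_bytes(entries, compress=None) -> bytes:
    """Build a tar stream from (path, mode, content) triples; gzip it if asked."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for path, mode, content in entries:
            info = tarfile.TarInfo(path)
            info.size, info.mode = len(content), mode
            tar.addfile(info, io.BytesIO(content))
    return gzip.compress(buf.getvalue()) if compress == "gz" else buf.getvalue()


def build_toy_deb() -> bytes:
    """Constructed sample: installs a script plus a root cron job, and has a postinst."""
    control = _tar_bytes([
        ("./control", 0o644, b"Package: hello-toy\nVersion: 1.0\nArchitecture: all\n"),
        ("./postinst", 0o755, b"#!/bin/sh\nset -e\nchmod u+s /usr/bin/hello-toy\n"),
    ], compress="gz")
    data = _tar_bytes([
        ("./usr/bin/hello-toy", 0o755, b"#!/bin/sh\necho hello\n"),
        ("./etc/cron.d/hello-toy", 0o644, b"* * * * * root /usr/bin/hello-toy\n"),
    ])
    return (AR_MAGIC + _ar_member(b"debian-binary", b"2.0\n")
            + _ar_member(b"control.tar.gz", control) + _ar_member(b"data.tar", data))


def _ar_members(blob: bytes):
    """Yield (name, data) for each member of an ar archive."""
    if not blob.startswith(AR_MAGIC):
        raise ValueError("not an ar archive")
    pos = len(AR_MAGIC)
    while pos + 60 <= len(blob):
        hdr = blob[pos:pos + 60]
        if hdr[58:60] != b"`\n":
            raise ValueError("corrupt ar header at offset %d" % pos)
        name = hdr[0:16].rstrip().rstrip(b"/").decode()
        size = int(hdr[48:58])
        yield name, blob[pos + 60:pos + 60 + size]
        pos += 60 + size + (size % 2)  # members are padded to even offsets


def _open_tar(name: str, data: bytes) -> tarfile.TarFile:
    """Decompress by member suffix; zstd is not in the stdlib, so fall back to dpkg-deb."""
    if name.endswith(".gz"):
        data = gzip.decompress(data)
    elif name.endswith(".xz"):
        data = lzma.decompress(data)
    elif name.endswith(".zst"):
        raise ValueError("zstd member: use dpkg-deb --raw-extract for this package")
    return tarfile.open(fileobj=io.BytesIO(data), mode="r:")


def _rel(name: str) -> str:
    return name[2:] if name.startswith("./") else name.lstrip("/")


def inspect_deb(blob: bytes) -> dict:
    """Return control fields, maintainer scripts and the (path, mode) file list."""
    result = {"control": {}, "scripts": {}, "files": []}
    for name, data in _ar_members(blob):
        if name == "debian-binary" and data.strip() != b"2.0":
            raise ValueError("unsupported deb format %r" % data)
        elif name.startswith("control.tar"):
            with _open_tar(name, data) as tar:
                for m in tar.getmembers():
                    if not m.isfile():
                        continue
                    base, content = _rel(m.name), tar.extractfile(m).read()
                    if base == "control":
                        for line in content.decode().splitlines():
                            if ":" in line and not line.startswith(" "):
                                k, v = line.split(":", 1)
                                result["control"][k.strip()] = v.strip()
                    elif base in MAINT_SCRIPTS:
                        result["scripts"][base] = content.decode()
        elif name.startswith("data.tar"):
            with _open_tar(name, data) as tar:
                result["files"] += [("/" + _rel(m.name), m.mode)
                                    for m in tar.getmembers() if m.isfile()]
    return result


def audit(info: dict) -> list:
    """Point the reviewer at what runs, or will run, as root."""
    findings = [f"maintainer script {s}: executed as root by dpkg" for s in info["scripts"]]
    for path, mode in info["files"]:
        if mode & 0o6000:
            findings.append(f"{path}: setuid/setgid bit set")
        if path.startswith(ROOT_HOOK_PREFIXES):
            findings.append(f"{path}: lands where it will later run as root")
    return findings


if __name__ == "__main__":
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_toy_deb()
    info = inspect_deb(blob)
    print(info["control"].get("Package"), "files:", [p for p, _ in info["files"]])
    print("\n".join(audit(info)) or "nothing flagged")
```

Run it with no argument to see the toy package flagged, or with the path of a real .deb fetched by `apt install --download-only` (it sits under /var/cache/apt/archives/). The findings are only a reading list: the point of the post is that you still open the postinst and look at what it does before letting dpkg run it as root.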