Starts with:
it’d be nice if we sandboxed applications more.
Turns into:
you essentially can’t do anything about the applications themselves
Not only contradicting with themselves but are also wrong in both cases. I don’t know who tf is upvoting this pile of unintelligable crap.
but securing the installation process is straight forward these days.
No.
At the very least aur must verify you are associated with the domain name of the project, same as flathub.
Yeah good luck sandboxing a service running as root at boot. Maybe look at the malware next time before trying to call it meh?
As a package maintainer in AUR, I never understood the awe with it. You’re literally executing random shell scripts by strangers as root. It’s the same thing as curl | sudo bash except its a lot easier to hide malicious things.
Most people claim they read the PKGBUILD (which I don’t believe tbh) but I bet they don’t read <package>.install scripts which don’t have to be explicitly mentioned in the PKGBUILD if it shares the same name as the package.
I could push whatever I want to my package and hundreds of people will pick it up. Since I’m not a script kiddie like this guy, I could hide it much better too.
I guess what I’m saying is, don’t execute unvetted bash scripts as root kids. Open source doesn’t mean people verify the code. It just means they can.
There are <250USD used frameworks?
That’s the primary value offer of nushell so at least people who made it considered it I’d say.
Looks pretty
Yeah my question is does this person and 40+ upvoters think using Hyprland is a sign someone is a competent software engineer?
Fuck yaml. I’m not parsing data structured with spaces and newlines with my eyes. Use visible characters.
Aah my web client wasn’t showing any links in your original message.
good source in case anyones interested. I’m fine with them generally being available.
Not seeing where it says install arch
Malware targeting individuals rather than servers do not need privilege escalation. They just need to run as the user and swipe cookies/credentials/wallets etc. Privilege escalation would allow them to do catastrophic damage but that’s not the point in that case.
majority of unixporn posts are people copy pasting premade hyprland configs so…
How dare those people make and release software for free but don’t dedicate more of their time to me!
deleted by creator
Running those adblockers on your devices is extremely insecure. They register as a VPN and intercept HTTPS traffic. They decrypt the encrypted traffic, filter it, and encrypt again meaning all your communications are signed by this single app’s certificate. Not to mention any vulnerability would wreak havoc.
What’s up with the attitude like gpu accelerated terminals aren’t extremely popular? If you’re fine with what you’re using, have fun and tone down the high horse.
I might be misremembering that detail or it might’ve changed since the last time I wrote a fresh PKGBUILD.
My preference goes Arch repos -> official aur packages that I read the manifests of -> verified flatpaks that I read the manifests of -> Nix