[rwmj]

I was just imagining if we'd all settled on using shar files how big the virus/worm problem would be on Linux today ...

... Then I thought that effectively that's what Windows does (using *.exe for installers). No wonder they've got a problem.

[_delirium]

Well, the existing Linux package managers aren't really safer as far as the archive formats go; for example, .debs can run arbitrary shell scripts during installation. The main thing that seems to add to the safety is the social practice of grabbing debs via trusted repositories using apt-get/aptitude/synaptic, rather than manually downloading them from random sites and doing dpkg -i. But if there is malware, it's even worse, because at least these shar installers are usually installed as non-root, while installing a .deb needs root.