by samtheprogram 1303 days ago
Some package managers don’t really prevent this, particularly thinking of npm but also apt and other system package managers, because they can run arbitrary post-install scripts.

As always, you need to trust the vendor of software you install and/or do an audit of the source/installer regardless.