|
|
|
|
|
|
by gmuslera
744 days ago
|
|
|
Downloading binaries from should-not-be-trusted sources, and executing/installing them is one way. There is some irony on having to do exactly that with this scanner. But, anyway, you may not have everything you want in your distribution, so you may have to resort to that in some cases. There are more subtler ways to download binaries and scripts from elsewhere, depending on what you use, like Steam games, python/js/perl/etc repositories , browser extensions, adding new distribution repositories, and so on. Everything should be safe enough and should be checked, but as the xz problem showed, that is not a fail-proof guarantee. |
|
|