by carlsborg
4 days ago
> AUR is just a collection of user-produced PKGBUILDs. Is that much different from the entire pypi ecosystem, and npm, and dockerhub (people disable SELinux, --privileged turns off seccomp and AppArmor, sandbox escape CVEs exist)?
The entire dev ecosystem has terrible security hygiene, largely because of the pressure to move fast, and because real security controls by their nature limit flexibility and can slow most processes down.
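As an added example (not part of the thread or any project it mentions), here is a small audit that reads the JSON array `docker inspect` emits and flags the settings the quoted comment refers to: `--privileged`, and `seccomp`/`apparmor` set to `unconfined` via `--security-opt`, plus `CAP_SYS_ADMIN` added explicitly. The inspect sample is constructed inline with hypothetical container names; the `HostConfig.Privileged`, `HostConfig.SecurityOpt` and `HostConfig.CapAdd` fields are the real ones the daemon produces.

```python
import json

# Constructed sample: a trimmed `docker inspect` result for two hypothetical
# containers, shaped like the HostConfig fields the daemon actually emits.
SAMPLE_INSPECT = json.dumps([
    {
        "Name": "/web-hardened",
        "HostConfig": {
            "Privileged": False,
            "SecurityOpt": ["no-new-privileges"],
            "CapAdd": None,
        },
    },
    {
        "Name": "/build-runner",
        "HostConfig": {
            "Privileged": True,
            "SecurityOpt": ["seccomp=unconfined", "apparmor=unconfined"],
            "CapAdd": ["SYS_ADMIN"],
        },
    },
])


def audit_container(entry):
    """Return the list of weak-isolation findings for one inspect record."""
    host = entry.get("HostConfig") or {}
    findings = []
    if host.get("Privileged"):
        # --privileged grants every capability and drops the default seccomp
        # and AppArmor confinement with a single flag.
        findings.append("privileged")
    for opt in host.get("SecurityOpt") or []:
        # --security-opt seccomp=unconfined / apparmor=unconfined remove the
        # default profiles without needing --privileged.
        if opt in ("seccomp=unconfined", "apparmor=unconfined"):
            findings.append(opt)
    for cap in host.get("CapAdd") or []:
        # CAP_SYS_ADMIN alone is close to root on the host kernel.
        if cap.upper().removeprefix("CAP_") == "SYS_ADMIN":
            findings.append("cap_add:SYS_ADMIN")
    return findings


def audit_inspect_output(raw_json):
    """Map container name -> findings, for every container with at least one."""
    report = {}
    for entry in json.loads(raw_json):
        findings = audit_container(entry)
        if findings:
            report[entry["Name"].lstrip("/")] = findings
    return report


if __name__ == "__main__":
    # Against a live host: docker inspect $(docker ps -q) | python3 audit.py
    for name, found in audit_inspect_output(SAMPLE_INSPECT).items():
        print(f"{name}: {', '.join(found)}")
```

On a real host, pipe `docker inspect $(docker ps -q)` into the script in place of the constructed sample; anything it reports is a container whose kernel-level isolation has been weakened by configuration rather than by a bug.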