As an Arch user, I would always skim the PKGBUILD file of AUR packages to see if they install the software they claim to install from official sources and if there's something obviously fishy.
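One way to mechanise the first pass of that skim, as an added example that is not part of the original thread: a small Python script that pulls the `source=()` and checksum arrays out of a PKGBUILD, expands `$pkgname`/`$pkgver`, and flags the entries a reviewer would want to read by hand (local files shipped in the AUR repo, plain-http downloads, hosts outside an allow-list, `SKIP` checksums on non-VCS sources, VCS sources without a `#commit=`/`#tag=` pin). The PKGBUILD text, the package name, the host allow-list and the issue labels are all constructed for this example.

```python
import re
import shlex
from urllib.parse import urlparse

# Constructed sample PKGBUILD for a hypothetical package (not a real AUR entry).
SAMPLE_PKGBUILD = r"""
pkgname=example-tool
pkgver=1.2.3
pkgrel=1
url="https://github.com/example/example-tool"
source=("$pkgname-$pkgver.tar.gz::https://github.com/example/example-tool/archive/v$pkgver.tar.gz"
        "helper.sh"
        'extra-bin::http://mirror.invalid/downloads/extra-bin'
        "git+https://github.com/example/plugin.git#commit=abc123")
sha256sums=('0000000000000000000000000000000000000000000000000000000000000000'
            'SKIP'
            'SKIP'
            'SKIP')
"""

VCS_PREFIXES = ("git+", "hg+", "svn+", "bzr+", "fossil+")


def parse_scalars(text):
    """Collect simple name=value assignments so $pkgname/$pkgver can be expanded."""
    scalars = {}
    for m in re.finditer(r'^(\w+)=(["\']?)([^"\'\n()]*)\2\s*$', text, re.M):
        scalars[m.group(1)] = m.group(3)
    return scalars


def parse_array(text, name):
    """Return the elements of a bash array assignment name=( ... ), quotes removed."""
    m = re.search(rf'^{name}=\((.*?)\)', text, re.M | re.S)
    return shlex.split(m.group(1)) if m else []


def expand(value, scalars):
    """Substitute $var / ${var} from the scalar assignments; unknown vars stay literal."""
    return re.sub(r'\$\{?(\w+)\}?', lambda m: scalars.get(m.group(1), m.group(0)), value)


def audit_sources(text, trusted_hosts):
    """Return one finding per source= element with the review issues it raises."""
    scalars = parse_scalars(text)
    sources = parse_array(text, "source")
    sums = parse_array(text, "sha256sums") or parse_array(text, "b2sums")
    findings = []
    for i, raw in enumerate(sources):
        entry = expand(raw, scalars)
        _, _, target = entry.rpartition("::")          # drop the optional "filename::" prefix
        vcs = target.startswith(VCS_PREFIXES)
        url = target.split("+", 1)[1] if vcs else target
        checksum = sums[i] if i < len(sums) else None
        issues, host = [], None
        if "://" not in url:
            issues.append("local-file")                 # lives in the AUR repo itself; read it
        else:
            parsed = urlparse(url.split("#", 1)[0])
            host = parsed.hostname
            if parsed.scheme in ("http", "ftp"):
                issues.append("insecure-transport")
            if host not in trusted_hosts:
                issues.append("untrusted-host")
            if vcs and not re.search(r"#(commit|tag)=", target):
                issues.append("unpinned-vcs")
        if not vcs and checksum in (None, "SKIP"):
            issues.append("checksum-skip")              # nothing ties the download to this review
        findings.append({"source": entry, "host": host, "vcs": vcs, "issues": issues})
    return findings


if __name__ == "__main__":
    # Trust the upstream host named in the url= field plus any extra hosts you accept.
    upstream = urlparse(parse_scalars(SAMPLE_PKGBUILD).get("url", "")).hostname
    trusted = {h for h in (upstream, "gitlab.com") if h}
    for f in audit_sources(SAMPLE_PKGBUILD, trusted):
        flag = "REVIEW" if f["issues"] else "ok"
        print(f"{flag:6} {f['source']}  {', '.join(f['issues'])}")
```

Run it against `PKGBUILD` from a cloned AUR repo by replacing `SAMPLE_PKGBUILD` with the file contents; a clean report does not mean the package is safe (the `build()`/`package()` functions and any local files still need reading), it only narrows down what to read first.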
The BSDs prevent this by never having allowed random jamokes to upload Makefiles into the ports system.
I'd be surprised if you did it as a Debian user!