Re: List of consultants focusing on Debian packaging for Java?
Hans-Christoph Steiner <email@example.com> writes:
> Third party package repositories are a thing, like Ubuntu PPAs, aptly,
> JFrog Debian Repositories, etc. Unfortunately, due to Debian Apt's
> design, that means giving root access to each repository (package
> pre-install/remove/etc scripts are run as root).
I don't think it is related to APT, but rather it is a risk that is very
common to packages like deb, rpm or similar that can run arbitrary code