Unofficial binary Debian packages considered insecure?

To: debian-user@lists.debian.org
Subject: Unofficial binary Debian packages considered insecure?
From: gnalle@ruc.dk (Niels L. Ellegaard)
Date: 28 May 2004 21:57:33 +0200
Message-id: <[🔎] 7w8yfcqq8i.fsf@i19.ruc.dk>

I have been looking at a few of the the sites that offer unofficial
debian packages, and I am somewhat confused about the security issues.
I am not a great Linux guru, so I wonder how easy it would be to hide
a rootkit in a binary package and submit it to apt-get.org or
backports.org. Is this a serious risk or am I just being paranoid?

                        Thanks in advance

                                Niels


PS: I realize that I can often use to apt-source, but I like plug-and-play :)


-- 
Niels L Ellegaard  http://dirac.ruc.dk/~gnalle/

Reply to:

Follow-Ups:
- Re: Unofficial binary Debian packages considered insecure?
  - From: Osamu Aoki <osamu@debian.org>
- Re: Unofficial binary Debian packages considered insecure?
  - From: Brian Nelson <pyro@debian.org>
- Re: Unofficial binary Debian packages considered insecure?
  - From: Paul Johnson <baloo@ursine.ca>

Prev by Date: Re: Moving Package List
Next by Date: Re: Moving Package List
Previous by thread: Re: Moving Package List
Next by thread: Re: Unofficial binary Debian packages considered insecure?
Index(es):
- Date
- Thread