Windows isn’t the first thing that springs to my mind.
We-ell, this thread kinda started with saying that we’ll see glaring security holes with the same desktop popularity as that of Windows.
Hypothetically yes, but in every single distro out there that I’ve seen no. And most people don’t build their own from scratch.
Well, then it doesn’t require flatpaks and snaps to solve this huge problem, right?
You might have a path where only a certain user has ‘w’ rights, that’s readable by everyone, and software is installed there.
You might use Nix or Guix, which are, while not traditional, still pretty normal package managers without things like bundling dependencies.
So NixOS and GuixSD would be such distributions. Admittedly I’ve never used them, only Guix in another distribution.
Not in all cases, no. There are fringe usecases still being worked on. I’ve been using it since 2016 just fine, but my sister, who is reliant on screen readers, hasn’t been able to.
Well, since you’ve mentioned accessibility, some of us have AuDHD, and while each person is different, for me specifically this means that I can set up CWM or FVWM for X11, but I just can’t set up Hikari for Wayland. That is, I had it kinda working, but the anxiety from setting up that and some terminal emulator with hipster XML config and DPI being wrong just made me say “fsck that” and go back. I could have tried Gnome with Wayland, but my X11 setup is more subjectively usable.
No. It is all of them. It’s a problem with all Debian-based distros, Fedora, SUSE, Arch, you name it. Installer scripts run with root privileges.
OK, I’m not sure, but I think OpenBSD and NetBSD don’t run any scripts contained inside packages. They are not Linux ofc.
Yes… then when you run sudo thinking you’re using whatever command, it can run something entirely different. How don’t you see that as a problem?
Yes, you can do that. You can set aliases which will look like whatever at all. How do you solve that “problem”?
So you download, say, a text editor. Except it’s been compromised (although you don’t know it).
OK, I’ll make a shortcut here and say that if you think this is a problem, the only real fundamentally sane way to solve it is to disallow privilege elevation, say, after single mode, and boot to that in case you need to do some maintenance.
In your mind, that’s not a security hole? That’s intended behaviour? Any program should be able to do that?
I don’t really know what to say to that, other than I disagree wholeheartedly.
Any program that you run. Well, or one can forbid aliasing ‘sudo’ in the shell, of course. But you won’t run out of things which can be aliased to something nasty. It will be the same as rm -rf / advice evolving to rm -rf /*