• 9488fcea02a9@sh.itjust.works
    link
    fedilink
    arrow-up
    9
    arrow-down
    1
    ·
    1 year ago

    Can someone explain this paragraph please?

    Because of technical limitations in Linux in the 1990s, every Debian package has full root access during its installation. In other words, every Debian developer can potentially become the root user on any machine running Debian. With tens of millions of machines running Debian, that is potentially a lot of power.

    • Alex@lemmy.ml
      link
      fedilink
      arrow-up
      9
      arrow-down
      1
      ·
      1 year ago

      The package pre and post scripts are run as root. These are the things that make sure users and groups exist and other such tweaks to the system. You are essentially trusting the packager doesn’t put anything nasty in there.