this post was submitted on 25 Jul 2025
12 points (57.5% liked)

Linux

8924 readers
450 users here now

A community for everything relating to the GNU/Linux operating system (except the memes!)

Also, check out:

Original icon base courtesy of lewing@isc.tamu.edu and The GIMP

founded 2 years ago
MODERATORS
Ategon@programming.dev
anzo@programming.dev
dwraf_of_ignorance@programming.dev
12
Someone Slipped a RAT into Arch Linux! (news.itsfoss.com)
submitted 3 weeks ago by Sunshine@piefed.ca to c/linux@programming.dev
5 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] INeedMana@piefed.zip 4 points 2 weeks ago

It was AUR. The way AUR works is that there is a PKGBUILD file that tells pacman how to compile a package from scratch. It can be created in a way where nothing gets compiled, only precompiled binary is downloaded (like from github releases). So it was not a package in purely Arch sense. With those PKGBUILDs out from AUR, malicious binaries only sit on their github, or wherever those were hosted, and are not reachable via alternative package managers (pacman, the official one, doesn't offer AUR at all)