this post was submitted on 21 Mar 2026
42 points (95.7% liked)


Hi, there!

Newbie question here: basically, the title. Perhaps what I'm asking is pretty obvious, but I'd like to double-check with the community on this.

I use Discover on my Debian KDE Plasma set-up, with Flatpaks enabled (but not Snaps). Sometimes I come across apps (I did just yesterday, searching for translation apps to replace DeepL) that have, according to their page, an unknown author and, sometimes, even an unknown licence, but which do require access permission to the whole system (this latter requirement applying specifically to Deb packages, from what I've seen).

Under these circumstances, is it safe to assume that such apps will still be safe because of the fact that they appear listed on Discover (in other words, is Discover a guarantee of safety for the apps it shows, as in, some type of checked or proved content), or should I still be wary of potentially malicious software included on it?

Thank you very much in advance :)

[–] jpicture@lemmy.zip 18 points 1 day ago (5 children)

Just to clarify what others are saying: the 'software store' (Discover in your case) is just the graphical application that you use to manage the software installed on your computer. The repositories, aka 'repos' are the sources of that software. There are people whose job it is to vet the software in those repositories and make sure that it's safe. Flatpak is a packaging format. The biggest repository (and what you likely have enabled) for flatpaks is Flathub. If you're installing software from the Debian repo and Flathub you should be fine. You should be able to verify which repositories are enabled via the Discover app. You have the freedom to add other repositories too, but it will be your own responsibility to evaluate whether those sources are trustworthy if you do.

Long story short, if you just use Debian as it is, you are fine.
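
Added example, not part of the comment above or of any Debian/KDE tool: a shell sketch of the "verify which repositories are enabled" step, done from a terminal instead of Discover. The function names and the allow-list of hosts (`deb.debian.org`, `security.debian.org`, `dl.flathub.org`) are assumptions for a default Debian + Flathub setup.

```shell
# Added example, not from the thread. Assumption: this allow-list matches a
# default Debian + Flathub setup; a mirror you picked will show as REVIEW.
ALLOWED_HOSTS="deb.debian.org security.debian.org dl.flathub.org"

# Print URIs of enabled APT sources (one-line *.list and deb822 *.sources).
apt_uris() {
  awk '
    function flush(  k, n, u) {
      if (enabled) { n = split(uris, u, " "); for (k = 1; k <= n; k++) print u[k] }
      uris = ""; enabled = 1
    }
    FNR == 1 { flush() }                     # new file starts a new stanza
    /^[ \t]*#/ { next }                      # commented-out entry
    /^[ \t]*$/ { flush(); next }             # blank line ends a deb822 stanza
    $1 == "deb" || $1 == "deb-src" {         # one-line format
      for (i = 2; i <= NF; i++) if ($i ~ /:\/\//) { print $i; break }
      next
    }
    tolower($1) == "uris:" { $1 = ""; uris = uris " " $0; next }
    tolower($1) == "enabled:" && tolower($2) == "no" { enabled = 0 }
    END { flush() }
  ' "$@" | sort -u
}

# Read URIs on stdin; print "OK <uri>" or "REVIEW <uri>" according to the host.
check_hosts() {
  while read -r uri; do
    case $uri in *://*) ;; *) continue ;; esac   # skip headers and blank lines
    host=${uri#*://}; host=${host%%/*}
    case " $ALLOWED_HOSTS " in
      *" $host "*) echo "OK $uri" ;;
      *)           echo "REVIEW $uri" ;;
    esac
  done
}

# Audit the live system: APT source files plus Flatpak remotes (system and user).
audit_sources() {
  set --
  for f in /etc/apt/sources.list /etc/apt/sources.list.d/*.list /etc/apt/sources.list.d/*.sources; do
    if [ -f "$f" ]; then set -- "$@" "$f"; fi
  done
  {
    if [ "$#" -gt 0 ]; then apt_uris "$@"; fi
    if command -v flatpak >/dev/null 2>&1; then flatpak remotes --columns=url 2>/dev/null; fi
  } | check_hosts
}

audit_sources
```

A `REVIEW` line only means the source is not on the allow-list (a third-party repo you added, or a country mirror); it is the kind of source the comment says you have to evaluate yourself.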

[–] Cekan14@lemmy.org 8 points 1 day ago (4 children)

Thanks for joining the conversation and helping make things clear. This does help; so, basically, not having manually enabled anything else than Flathub/Flatpaks on Discover, and having Debian's repository already, I am fine as long as I install programmes from either of those two.

[–] goldman60@lemmy.world 3 points 1 day ago (1 children)

I would say you are more than likely fine, malicious code does occasionally sneak into Debian distributed apps but you'll likely never encounter something that is outright fraudulent or a scam.

[–] moonpiedumplings@programming.dev 1 points 13 hours ago (1 children)

> malicious code does occasionally sneak into Debian distributed apps

Do you have an example of this? The xz utils backdoor did not make it into Debian stable, only unstable.

Debian stable essentially forks every package, maintaining a custom codebase. They then cherry-pick security updates only (ignoring feature updates or minor bugfixes), and apply those. This makes it extraordinarily resilient to any form of supply chain attack.

[–] goldman60@lemmy.world 1 points 1 hour ago

I probably should have said "may/could" sneak in; I forgot the xz incident didn't quite make it to Debian (but would have had it not been caught).
