Aqua Nautilus researchers have identified a security issue that arises from the interaction between Ubuntu’s command-not-found package and the snap package repository. While command-not-found serves as a convenient tool for suggesting installations for uninstalled commands, it can be inadvertently manipulated by attackers through the snap repository, leading to deceptive recommendations of malicious packages.

  • Virulent@reddthat.com
    link
    fedilink
    arrow-up
    7
    ·
    10 months ago

    A noob shouldn’t have to think about any of this. They would install from gnome software or discover and not know the difference between flatpaks or rpms or debs.