I am at "no fucking yays and the bunch, check the package create/update dates, read PKGBUILD, only update when necessary". Has served me well so far
Security through insecurity
Though, Linux being open source helps a lot
Anyone catch that hilarious LLM exchange on aur-general mailing list over the weekend?
E: found it
Well that's fun. Odd someone named Campbell was asking for a tomato soup recipe, you'd think that would just be built into their bloodline or something.
While I'm glad no JS package managers were hurt to make the soup, I do wish the recipe didn't waste so much water.
Doesn't work like this.
Me!!!!
But I'm actually safe: Last month I fried half of my BTRFS array, and decided that instead of recovering the system, I'd rather copy over the relevant data and reinstall Arch from scratch. In doing so, I've shed the majority of AUR packages that my old system had. Of the handful of AUR packages on my new system, none were attacked.
Hi there
Haven't installed much from the AUR though.
Custom OS that no one else has access to. It might be full of exploits and bugs, but only you would know that.
My eyes, I look at AUR packages before building them, as any real Arch user does. AFAIK, antivirus programs would do the same to compiled binaries, looking for suspicious things and blocking if they find something.
The unsandboxed package model was only ever safe in its original conception - with an organizationally trusted and cryptographically enforced maintainer model. Remove the maintainer/developer trust requirement and you need a sandbox in order to prevent malware having root access on your system. 'Tis why mobile apps were sandboxed on Android and iOS from the get-go.
Never use things like yay, just read the PKGBUILD and run makepkg. AUR wasn't meant to be automated. But it's better to use Flatpak, because it provides sandboxing (not for every app, but it can be reviewed before installation).
Use the AUR, have an antivirus, no infected packages. However I was thinking of switching to https://chimera-linux.org/ before the infected packages went out.