Plus no backdoors

  • unperson [he/him]
    ·
    3 years ago

    Yes, I definitely trust my distribution way more than some random programmer. I already trusted my distro with admin access, a video editor doesn't and shouldn't run as admin.

    • eduardog3000 [he/him]
      ·
      3 years ago

      If you are downloading the program at all, that means you are trusting its programmer. Downloading it from a repo is adding another party to trust vs downloading it directly from the programmer.

      • unperson [he/him]
        ·
        3 years ago

        If I apt install kdenlive and then run kdenlive, the program has never ran as root and cannot make itself run a service in the background, or log keystrokes, or install other things.

        If I download a package or an installer from the Internet the publisher runs a program as admin on my computer and can do whatever it wants, bundle adware, start hidden services, whatever.

        My distribution is not 'another party to trust'. It's the party I already trust the most. If I or someone else find something harmful in a program that's on the repo, I expect the distro to remove the program or patch out the harmful parts, while I don't expect the first-party installer to become better in any way.