[$] Limiting the power of package installation in Debian

Post Syndicated from jake original https://lwn.net/Articles/770784/rss

There is always at least a small risk when installing a package for a
distribution. By its very nature, package installation is an invasive
process; some packages require the ability to make radical changes to the
system—changes that users surely would not want other packages to take
advantage of. Packages that are made available by distributions are vetted
for problems of this sort, though, of course, mistakes can be made.
Third-party packages are an even bigger potential problem because they lack
this vetting, as was discussed in early October on the debian-devel mailing
list. Solutions in this area are not particularly easy, however.