I learnt a lesson yeah. It looks like I got away, there’s no rootkit, I found nothing weird running, I don’t have npm Installed, and up until now it doesn’t seem like the packages I had installed were compromised. But I had way more AUR packages installed than I was aware of. And I was just updating them without really caring about the pkgbuild, I have better things to do. Multiple packages were outdated crap that shouldn’t have been there anymore.
I was careless and took too much risk. I reduced the Installed AUR packages to a minimum, and from now on I will verify the PKGBUILDs on every update. Maybe Arch isn’t really what I need. I’m on the LTS kernel and I no longer really use the AUR. But switching will be a huge hassle and this setup will work well from here on out, so I’ll stick to it for now
errr… just FYI, if you have AUR packages through distrobox, you are basically just as vulnerable as someone running vanilla arch. You checked if you have anything form the AUR on the nearly 2k (last I checked) package list?
I learnt a lesson yeah. It looks like I got away, there’s no rootkit, I found nothing weird running, I don’t have npm Installed, and up until now it doesn’t seem like the packages I had installed were compromised. But I had way more AUR packages installed than I was aware of. And I was just updating them without really caring about the pkgbuild, I have better things to do. Multiple packages were outdated crap that shouldn’t have been there anymore.
I was careless and took too much risk. I reduced the Installed AUR packages to a minimum, and from now on I will verify the PKGBUILDs on every update. Maybe Arch isn’t really what I need. I’m on the LTS kernel and I no longer really use the AUR. But switching will be a huge hassle and this setup will work well from here on out, so I’ll stick to it for now
I’ve been using Bazzite for a couple of years now and it’s great. Almost boring how stable it is.
And I access the AUR with an Arch distrobox if I need to
errr… just FYI, if you have AUR packages through distrobox, you are basically just as vulnerable as someone running vanilla arch. You checked if you have anything form the AUR on the nearly 2k (last I checked) package list?