• rotopenguin@infosec.pub
    link
    fedilink
    English
    arrow-up
    9
    arrow-down
    5
    ·
    1 year ago

    If a website stuffed a .deb into your Downloads folder and you click on it, should the default behaviour be to run it? Is there a significant pile of Ubuntu software out there that is unavailable in the apt and snap and flatpak stores? Other stores such as Steam and Epic (Heroic) are easily installable via … starting in your apt/snap/flatpak store.

    • KISSmyOS@lemmy.world
      link
      fedilink
      arrow-up
      28
      ·
      edit-2
      1 year ago

      The default beaviour shouldn’t be to run it, but it also shouldn’t be to tell you that a program that can run it doesn’t exist, when it actually does.
      If you want to do it via GUI, default behaviour should be to tell you that for security reasons, installation of deb files from the web is disabled, with a link to the root-accessible setting that enables it (similar to Android, for example).

    • jsdz@lemmy.ml
      link
      fedilink
      arrow-up
      6
      ·
      1 year ago

      Well, that marks the first time I’ve seen anyone refer to it as “the apt store.” Thanks, I hate it.

      • jonne@infosec.pub
        link
        fedilink
        arrow-up
        4
        arrow-down
        1
        ·
        1 year ago

        It can install a service that will start automatically after install, so for all intents and purposes, if you click it and enter your sudo password, you might as well have run an executable.

      • rotopenguin@infosec.pub
        link
        fedilink
        English
        arrow-up
        4
        arrow-down
        1
        ·
        1 year ago

        It has pre and post-install scripts. Once you hand it off to dpkg, it can do pretty much anything.