- cross-posted to:
- security@programming.dev
- cross-posted to:
- security@programming.dev
Aqua Nautilus researchers have identified a security issue that arises from the interaction between Ubuntu’s command-not-found package and the snap package repository. While command-not-found serves as a convenient tool for suggesting installations for uninstalled commands, it can be inadvertently manipulated by attackers through the snap repository, leading to deceptive recommendations of malicious packages.
I’ve been really enjoying LMDE (Linux Mint Debian Edition) as a main distro. It asks you during the install what package systems you want to include and you can just not select snap 👌