| ▲ | gf000 6 hours ago | |
> Linux's security model is based on trusting the software you're installing from the FLOSS repositories, That's not a security model, and we don't live in fairyland. Just take a look how well this works with npm packages. It just so happens that emacs plugins are not the most worthwhile target for attackers. | ||
| ▲ | fsflover 6 hours ago | parent [-] | |
> npm packages This has nothing to do with what I said. npm is not a trusted or a FLOSS repository. > we don't live in fairyland When did you see a malware in Debian's repositories last time? | ||