> installing applications on Linux and Win often requires escalated root/admin privileges. Once you get root involved (sudo) who knows what is being done.

Coming from a world of inscrutable untrusted black-box closed-source software perhaps. It's a tradeoff at best though, as applications installed system-wide with root privileges are protected from unexpected modification by those same root privileges. Something installed in your home directory OTOH is fair game to be messed with by anything running under your user account.
Needing root for installation is completely different to running the application as root anyway, it's the package manager not the application itself we give elevated permissions.
Running some random "Setup.exe" under the administrator account is a Windows thing and a Windows problem. We have package managers like apt/dpkg for a reason, and we don't run random programs as root because we're not stupid.
> Another issue with repositories is a lack of control... You don’t know if the code in a repository is an unmodified version of what the developer released.

I still don't know where this idea that "unmodified versions" from "original developers" is somehow better or more trustworthy comes from (usual suspect #1: "Muh securitee koolaid" inherited from closed-source cesspools ecosystems), but that's not really how FOSS works.
The whole point of free software is the freedom to inspect and modify software, and the freedom to redistribute those modifications.
Packages from the repositories very often are modified, and that's a good thing because it's done to improve compatibility with Debian or to backport security fixes to known-good versions.
Take the recent XZ supply-chain attack for example: If we were to believe the rhetoric that the latest unmodified upstream release is always the safest and most trustworthy, we would have been wide open.
Instead the affected releases never made it past testing, and Debian's policy of sticking to tested versions + Debian modifications meant compromised copies of those libraries were never shipped to stable users.
Statistics: Posted by steve_v — 2024-05-28 05:25
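
The ownership point made in the post (root-owned system-wide installs versus files under a home directory) can be checked on a real machine. The following is an added example, not part of the original post: a shell audit that lists executables a given unprivileged UID could modify or replace. The function names `modifiable_by` and `audit_dirs` are made up for this example, and it assumes a `stat` that supports `-c` (GNU coreutils or BusyBox).

```shell
#!/bin/sh
# Added example: which executables could an unprivileged UID tamper with?
# Assumes a stat that supports -c and -L (GNU coreutils or BusyBox).

# modifiable_by FILE UID -> 0 if UID can alter or replace FILE, 1 if not,
# 2 if stat fails. Looks at ownership and world-write bits on the file and
# on its directory; group membership and ACLs are deliberately not evaluated.
modifiable_by() {
    target=$1 uid=$2
    dir=$(dirname -- "$target")
    for p in "$target" "$dir"; do
        info=$(stat -L -c '%u %a' -- "$p") || return 2
        owner=${info% *}
        mode=$((0${info#* }))      # octal mode string -> integer
        # The owner can always write, or chmod and then write.
        if [ "$owner" = "$uid" ]; then return 0; fi
        if [ $((mode & 0002)) -ne 0 ]; then
            # World-writable file: anyone can change its contents.
            if [ "$p" = "$target" ]; then return 0; fi
            # World-writable directory: anyone can swap the file, unless
            # the sticky bit (as on /tmp) restricts deletion to owners.
            if [ $((mode & 01000)) -eq 0 ]; then return 0; fi
        fi
    done
    return 1
}

# audit_dirs UID DIR... -> print every regular executable in the given
# directories that UID could modify or replace.
audit_dirs() {
    uid=$1
    shift
    for d in "$@"; do
        [ -d "$d" ] || continue
        for f in "$d"/*; do
            if [ -f "$f" ] && [ -x "$f" ] && modifiable_by "$f" "$uid"; then
                printf '%s\n' "$f"
            fi
        done
    done
}

# Typical use, comparing a root-owned system directory with a per-user one:
#   audit_dirs "$(id -u)" /usr/bin "$HOME/.local/bin"
```

On a stock Debian install run as a normal user, `/usr/bin` should produce no output, while anything under the home directory is listed.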