On 07/09/2018 04:37 PM, Giancarlo Razzolini via aur-general wrote: > Hi Bennet, > > This would be a warning for what exactly? That orphaned packages can > be adopted by anyone? That we have a big bold disclaimer on the front > page of the AUR clearly stating that you should use any content at > your own risk?
No, that people should check what they install. A script that creates `compromised.txt` in the root and all home folders looks like a warning to me. I agree with you and Ben Oliver, people should expect this. I wasn't saying that I was surprised about it. Cheers, Bennett -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808
signature.asc
Description: OpenPGP digital signature