• The Cuuuuube@beehaw.org
    link
    fedilink
    English
    arrow-up
    1
    ·
    5 months ago

    A deb is just a zip file that gets unpacked to where your binaries go. A shell script you curl pipe into shell could contain literally any instructions

    • gomp@lemmy.ml
      link
      fedilink
      arrow-up
      2
      ·
      edit-2
      5 months ago

      Binary packages have scripts (IIRC for .deb they are preinst/postinst to be run before/after installation and prerm/postrm before/after removal) that are run as root.

      BTW the “unzip” part is also run as root, and a binary package can typically place stuff anywhere in your system (that’s their job after all)… even if you used literal zip files they could still install a script in ways that would cause the OS to execute it.