Join Log in
Score:0
A J avatar Ubuntu

Is adding a PPA safe?

cn flag
A J

Are all PPAs safe? From where do I know which PPA refers to which packages? Can adding a PPA cause any harm? Or is it that the package when downloaded will cause harm? In particular is it safe to add ppa:ubuntu-toolchain-r/test? Or is it more safer to install packages from official websites?

44
0 + 0
ppa
guiverc avatar
cn flag
guiverc
PPAs are *Personal Package Archives* so all security checks are on you to perform. No guarantee is provided with them; as they are all 3rd party software sources. You decide your own standards as to what you'll accept; how important security is for you.
2
Reply
Emoji avatar
ng flag
Emoji
In addition, Do not ask more than 1 question in one question entitiy.
0
Reply
Emoji avatar
ng flag
Emoji
I hope the existing answer helps you, and I've flagged this question as "need more focus".
0
Reply
Score:2
avatar Ubuntu
us flag
Archisman Panigrahi

Are all PPAs safe?

No. Although there are no known PPA which were solely created to spread malicious software, poorly packaged apps in a PPA can cause dependency issues.

From where do I know which PPA refers to which packages?

Click on package details of a PPA, and you will be redirected to a page containing the list of all packages, like this.

Can adding a PPA cause any harm? Or is it that the package when downloaded will cause harm?

The packages in a PPA might cause harm, not adding the PPA itself. Suppose, a PPA contains a updated version of GNOME desktop, which actually has no contents (i.e., a fake, empty package). If you add that PPA, Ubuntu will "upgrade" to that version, and as a result you will lose your graphical user interface. While such PPAs are very uncommon, there are certain PPAs which contain poorly packaged apps, which may cause dependency issues.

In particular is it safe to add ppa:ubuntu-toolchain-r/test?

It depends. However, since this is mentioned in the Ubuntu Wiki, a lot of users would use it (and any malicious packages will be reported quickly), so I would trust this PPA (but this is my opinion. You should determine on your own whether you want to add the PPA).

Or is it more safer to install packages from official websites?

It is always safer to install packages from the official sources, with sudo apt install name-of-software-here.

0 + 0
Score:0
Emoji avatar Ubuntu
ng flag
Emoji

In short: You have to trust the developer of the PPA.

PPAs are Personal Package Archives, a service provided by Canonical. Even though the hosting service is official, the programs inside of PPAs are all third-party programs. Use them at your own risk.

The action itself of adding PPAs onto your computer does nothing dangerous, but you have to download the programs at your own risk.

You decide your own standards as to what you'll accept; how important security is for you. – @guiverc

Are all PPAs safe?

No. As I said, PPAs are third parties, so they cannot be 100% trusted.

0 + 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.