Further to my recent post on Linux security, I stumbled upon a stark reminder of the importance of staying vigilant when installing any package from an untrusted source.
It seems that a few weeks ago, a member of the Ubuntu Forums fell foul of one of those unscrupulous scumbags that would do harm to others for no reason other than his (or her) self-gratification. Fortunately the victim of this pernicious act was public-spirited enough to recount the experience in order to spare others from the pain and inconvenience of trashing their hard-drives.
Three weeks ago, Rasa1111 downloaded a .deb file from the Gnome-look website believing it to be an innocent theme package. Unfortunately, the author had included the dreaded rm -rf / command in the postinst script - this command (run as root) will delete any writable directory mounted at the time it is executed. You definitely don't want to run this command - ever!
So, be careful and vigilant and you will stay safe; but never let your guard down.
Sources & References:
- Ubuntu Forums: WARNING~ This Gnome-look theme will erase your HDD
- Ubuntu Manuals: Lucid rm - remove files or directories
- Linuxtopia: 6.6 What is a Debian preinst, postinst, prerm, and postrm script?