Hi,
I'm fairly new to Linux's and Ubuntu's PPA-based update/install mechanism and am beginning to wonder how safe these PPAs really are. In particular, I wonder how easy it'd be for a private PPA maintainer to include malicious code in their PPAs (I'm guessing it'd be fairly easy) and how likely I'd be to actually notice something was wrong.
My PPA source list has grown to a fairly large size since I ditched Windows and started using Ubuntu only. My request is that you have a look at my PPAs and advise me on which to ditch, since security is my number one concern. Also, I'd very much appreciate it if you could provide me with some pointers as to what considerations to make or steps to take when hunting for PPA sources (e.g. cross-check the Launchpad username on some other site, etc.).
My PPA list:
https://launchpad.net/~dreibh/+archive/ppa
Dia, the diagram creation tool.
https://launchpad.net/~rvm/+archive/smplayer
smplayer
https://launchpad.net/~rvm/+archive/mplayer
mplayer
https://launchpad.net/~ubuntu-x-swat/+archive/ppa
I believe this PPA is included in the default installation.
https://launchpad.net/~liferea/+archive/ppa
liferea RSS reader
https://launchpad.net/~webkit-team/+archive/ppa
WebKit PPA required by liferea
https://launchpad.net/~freshgames/+archive/ppa
To keep openttd up to date.
https://launchpad.net/~jhs.schmid/+archive/ppa
Anjuta
https://launchpad.net/~pasgui/+archive/ppa
Codeblocks (unsure whether to use Anjuta, Codeblocks or just keep using emacs + command line)
https://launchpad.net/~ubuntu-toolchain/+archive/ppa
GCC along with several other Linux utilities kept updated.
https://launchpad.net/~ubuntu-wine/+archive/ppa
WINE
https://launchpad.net/~chromium-daily/+archive/ppa
Chromium browser
https://launchpad.net/~pidgin-developers/+archive/ppa
Pidgin
https://launchpad.net/~deluge-team/+archive/ppa
Deluge (BitTorrent client)