Is there a place to check for security of repositories?

Question

I wanted to add some themes from sudo add-apt-repository ppa:noobslab/themes. How do I ensure these are safe repos? They are listed in many blogs and answers, however is there an official place I could check for the risk of malware?

I actually added them and then removed them using

sudo apt-get clean 
sudo apt-get remove

Am I safe after that usually? I also scanned my system using clamav and its fine. Perhaps I need to see the files that might have gotten installed to make sure there are no harmful scripts or binaries.

Do I need to re-install system to make sure I don't risk security issues with my data?

I don't thing there is anyone checking the quality of ppa repo's. They are a risk you have to accept. I understand your concerns. its the reason I don't use them myself. — squareborg, Mar 02 '15 at 15:03
Right, yes I understand its hard. I would then re-install the machine and stick with official repos. — Nishant, Mar 02 '15 at 15:07
possible duplicate of Are PPA's safe to add to my system and what are some "red flags" to watch out for? — David Foerster, Mar 02 '15 at 16:20

score 3 · Accepted Answer · edited Apr 13 '17 at 12:25

The only way to ensure that a PPA is "safe": Download the source packages published in that repository and check the source code contained in these source packages. Also, before installing updates on your machine, you would have to re-check the PPA to see if a new source package has been uploaded and audit that new source code.

Obviously, most users are unable to do that because they lack the skills required for a security audit. And it would be very time-consuming.

If you installed at least one package from that PPA (either through apt-get install, or apt-get upgrade), it is theoretically possible that your system is now infected, even after you apt-get removed that package. Packages are installed using root (administrator) privileges, so they can harm your system in any conceivable way. Usually, the packages are not harmful though. As far as I know, nobody attempted to infect Ubuntu systems through PPAs yet.

After doing add-apt-repository, you should remove the PPA if you no longer want it. If it contains malicious packages, this is however not a safe way to revert to a clean state. How can PPAs be removed?

If we assume that there was a malicious package installed on your system, the only way to be sure to get rid of an infection is to re-install the system completely, or revert to an older backup of your system.

Faizan Akram Dar · Answer 2 · 2015-03-03T06:31:11.060

It is recommend that one uses only official repositories of canonical and Ubuntu but still to enhance features of Ubuntu sometimes unofficial repos are required.

ppa from noobslab are safe although no one can ensure it but people have been using them from many years and I didn't saw any person complaining about infection from unofficial ppa .

Anyway if you want to use only official ppa, there is no option then a fresh install.

Is there a place to check for security of repositories?

2 Answers2