As I am installing a bunch of apps (listed below), I was wondering if the apps in HaikuDepot are vetted, or if I should be careful with anything in there. Aside from that, what are the best practices for keeping safe from malicious doings on Haiku.
I installed Angband and Handbrake but can’t find them in list.
BePDF
BePodder
BeScreenCapture
BeShare
CaveStory
DOSBox
Freeciv
GIMP
Minetest
StreamRadio
Vision (Can’t remember if I installed or if it was already there)
VLC
Angband is a console app, I think. It runs in the terminal. Also, Vision is the IRC app that comes with Haiku.
The applications are built from recipes submitted to GitHub - haikuports/haikuports: Software ports for the Haiku operating system.
The people who have direct commit access there are trusted by the community, and everyone else has to go through a github pull request review. However, this does not include very strict checks that the sources come from a known place.
Also, the repository itself currently does not verify signatures, so attacks are possible at that level as well.
So, there is some level of checking, but possibly not as strong as you need.
Many programs and games are terminal only, or they does not add a startscript to the application menu.
This tutoals tell you how to create a startscript for this programs.
Then copy the script to /boot/home/non-packaged…/menu/Applications (does not know the right path in mind at the moment).
It will still open in a Terminal Window? Or do I see this wrong?
Thanks for the help on those apps. I have done scripts for them on a Mac before. Just didn’t think about it with these.
I just hope I’m being safe with what I’m downloading. I did notice some of the apps said “This will modify following packages”. In general if I do third party stuff, I was curious if there were rules of thumb/dos and don’ts in terms of safety. But maybe I’m speaking to early.
Good thinking !
That IS your best practise right there.
My thoughts so far, I granted the anonimised data collection at install on some machines, that must do for paying for the OS. Also I joined the DepotSite to review software. The vetting is up to us.
Trying to port software from elsewhere brings the risks of elsewhere.
Haiku seems pretty obscure, cosmetic it mixes all OS-es, technically it’s not a Linux.
Terminal is very powerful like Linux.
Best practise:
Use and read all tabs and info in the Depot, if an app gives no file listing, nor link to github or developer…
Those may be red flags, or something broken or not yet complete.
Handbrake is a collection of tools working together is/are it not?
Every application something–internet opens a machine to internet.
-use a service, expect some give and take-
No do see it wrong. Many programs can be opend with doubleclick on there executable file, but some people does not add the link to the Application menu. And many programs need to be in his folder.
The script change to the game folder and start the executable file.