Security Considerations on Linux Package Management
Hello! I am Tharindu Edirisinghe
You can find me at ….
tharindue.blogspot.com @thariyarox https://lk.linkedin.com/in/ediri ediri@live.com
Source : http://www.slideshare.net/tshrinivasan/foss-history-1300788
Source : http://www.aboutlinux.info/2006/04/mind-map-of-linux-distributions.html
A Personal Package Archive (PPA) is a special software
repository for uploading source packages to be built and
published as an APT repository by Launchpad. While the
term is used exclusively within Ubuntu, Launchpad host
Canonical envisions adoption beyond the Ubuntu
community.
Source :
http://askubuntu.com/questions/4983/what-are-ppas-and-how-do-i-use-them
https://en.wikipedia.org/wiki/Personal_Package_Archive
sudo apt-get install <package name>
You can add a PPA to your system with a single line in your terminal. Open a terminal and enter:
sudo add-apt-repository ppa:shutter/ppa
Now, as a one-off, you should tell your system to pull down the latest list of software from each
archive it knows about, including the PPA you just added:
sudo apt-get update
Install Shutter
sudo apt-get install shutter
sudo dpkg -i <package file>
The Advanced Package Tool, or APT, is a free software user interface that works with
core libraries to handle the installation and removal of software on the Debian,
Slackware and other Linux distributions. APT simplifies the process of managing
software on Unix-like computer systems by automating the retrieval, configuration and
installation of software packages, either from precompiled files or by compiling source
code.
APT was originally designed as a front-end for dpkg to work with Debian's .deb
packages, but it has since been modified to also work with the RPM Package Manager
system via APT-RPM. The Fink project has ported APT to Mac OS X for some of its own
package management tasks, and APT is also available in OpenSolaris.
Source : https://en.wikipedia.org/wiki/Advanced_Packaging_Tool
dpkg is the software at the base of the package
management system in the free operating system Debian
and its numerous derivatives. dpkg is used to install, remove,
and provide information about .deb packages.
Source : https://en.wikipedia.org/wiki/Dpkg
package_name
├── DEBIAN
│ ├── control (meta data of the package)
│ ├── preinst (execute before installing the package)
│ ├── postinst (execute after installing the package)
│ ├── prerm (execute before un-installing the package)
│ └── postrm (execute after un-installing the package)
│
└── /……. (folders and files following the linux file structure)
Source : https://www.hivelocity.net/kb/what-are-preinst-postinst-prerm-and-postrm-script-2/
demo
mkdir -p helloworld_1.0-1/usr/local/bin
cp ~/Projects/"Hello World"/helloworld helloworld_1.0-1/usr/local/bin/
mkdir helloworld_1.0-1/DEBIAN
vi helloworld_1.0-1/DEBIAN/control
dpkg-deb --build helloworld_1.0-1
Source : https://ubuntuforums.org/showthread.php?t=910717
Package: helloworld
Version: 1.0-1
Section: base
Priority: optional
Architecture: i386
Depends: libsomethingorrather (>= 1.2.13), xyz (>= 1.2.6)
Maintainer: Tharindu Edirisinghe <ediri@live.com>
Description: Hello World
 When you need some sunshine, just run this
 small program!
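
The DEBIAN/ layout above means a .deb carries scripts that dpkg executes during install and removal, so it is worth reading them before running sudo dpkg -i. The following Python code is an added example, not part of the original slides: it parses the ar container of a .deb and returns the control file and any maintainer scripts without executing them. The function names and the in-memory sample package (modelled on the helloworld demo) are constructed for illustration.

```python
import io
import tarfile

AR_MAGIC = b"!<arch>\n"
DEBIAN_FILES = ("control", "preinst", "postinst", "prerm", "postrm")

def ar_members(blob):
    """Yield (name, data) for each member of the ar container a .deb uses."""
    if blob[:8] != AR_MAGIC:
        raise ValueError("not an ar archive, so not a .deb")
    pos = 8
    while pos + 60 <= len(blob):
        header = blob[pos:pos + 60]  # fixed 60-byte member header
        name = header[:16].decode("ascii").strip().rstrip("/")
        size = int(header[48:58].decode("ascii").strip())
        yield name, blob[pos + 60:pos + 60 + size]
        pos += 60 + size + (size % 2)  # member data is padded to even length

def inspect_deb(blob):
    """Return {file name: text} from control.tar.* without executing anything."""
    for name, data in ar_members(blob):
        if not name.startswith("control.tar"):
            continue
        found = {}
        # mode "r:*" lets tarfile detect gzip/xz/bz2 compression itself
        with tarfile.open(fileobj=io.BytesIO(data), mode="r:*") as tar:
            for member in tar:
                base = member.name.rsplit("/", 1)[-1]
                if member.isfile() and base in DEBIAN_FILES:
                    raw = tar.extractfile(member).read()
                    found[base] = raw.decode("utf-8", "replace")
        return found
    raise ValueError("no control.tar member found")

def _tar_gz(files):
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, text in files.items():
            info = tarfile.TarInfo("./" + name)
            info.size = len(text)
            tar.addfile(info, io.BytesIO(text.encode("ascii")))
    return buf.getvalue()

def _ar_member(name, data):
    head = "%-16s%-12d%-6d%-6d%-8s%-10d`\n" % (name, 0, 0, 0, "100644", len(data))
    return head.encode("ascii") + data + b"\n" * (len(data) % 2)

def build_sample_deb():
    """Constructed sample: the page's helloworld package plus a postinst."""
    control = "Package: helloworld\nVersion: 1.0-1\nArchitecture: i386\n"
    postinst = "#!/bin/sh\necho 'dpkg runs this after unpacking'\n"
    meta = _tar_gz({"control": control, "postinst": postinst})
    payload = _tar_gz({"usr/local/bin/helloworld": "stub\n"})
    members = (("debian-binary", b"2.0\n"), ("control.tar.gz", meta), ("data.tar.gz", payload))
    return AR_MAGIC + b"".join(_ar_member(n, d) for n, d in members)

if __name__ == "__main__":
    for fname, text in inspect_deb(build_sample_deb()).items():
        print("== DEBIAN/%s ==\n%s" % (fname, text))
```

For a real package, pass the file's bytes to inspect_deb; packages whose control archive is zstd-compressed (control.tar.zst) need a Python whose tarfile module supports zstd.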
Install a Debian (.deb) package
sudo dpkg -i <package file>
List installed packages
dpkg -l <package name with/out wildcards>
Uninstall the binaries of a Debian (.deb) package
sudo dpkg --remove <package name>
Uninstall the binaries and configuration files of a Debian (.deb) package
sudo dpkg --purge <package name>
Linux Package Management
https://www.linode.com/docs/tools-reference/linux-package-management
Package Management Security
https://isis.poly.edu/~jcappos/papers/cappos_pmsec_tr08-02.pdf
Debian Packaging Tutorial
https://www.debian.org/doc/manuals/packaging-tutorial/packaging-tutorial.en.pdf
THANKS! Any questions?
You can find me at ….
tharindue.blogspot.com @thariyarox https://lk.linkedin.com/in/ediri ediri@live.com
