posted by Rianne Schestowitz on Jul 14, 2024



Quoting: Pacman 7.0 Package Manager Released, Here's What's New —

The new version’s highlight is the addition of the DownloadUser configuration option. This setting allows heightened security by dropping privileges when downloading files and addressing common vulnerabilities associated with file permissions during downloads.

This means that files are now temporarily stored in a directory owned by DownloadUser, ensuring that the download process remains contained and does not write outside the designated area on Linux systems.

Moreover, for advanced users needing more control, Pacman 7.0 introduces the DisableSandbox option alongside a --disable-sandbox flag. This feature allows download write restrictions to be disabled, which is useful in scenarios where users operate within a secured or customized environment.