Homebrew itself is only a package manager that download and install packages for you. See: Īll of that being said, on current versions of macOS (Big Sur and Monterey) that run using a sealed system volume (a read-only snapshot of the system), there's very little that can really trash your system files in ways you can't get around by simply nuking your data volume and restoring from your latest Time Machine backup. (It was called "rootless" during development for a reason.) The idea was to eventually get to a system where even in the event of some bit of malware that manages a privilege escalation, there are only a fairly limited number of things it can do, rather than giving it access to your entire system. That said, as long as you leave System Integrity Protection enabled, the root user is still pretty locked down. There's no reason to assume Homebrew will be magically different. But you didn't personally audit every last package you installed on Fedora. Is it possible that some cask or something in Homebrew carries malware or something that's going to unintentionally misbehave? Sure, it's always possible. Were you especially worried then? If not, then the open source repos on MacPorts and Homebrew are essentially not going to be more of a security risk than what you were already doing. You installed stuff from the Fedora repos all the time. If you're super extra worried about malware, clamav is in both MacPorts and Homebrew, if you want. I am going to give it a shot.īeing extra cautious about security (as far as I'm aware) is precisely why Homebrew installs everything as your regular user, rather than installing as root. I am not so much worried about the very specific software I would get via these methods, but what setting up/using Home-brew/Mac Ports could do to impact security.ĮDIT: Seems like the consensus and my research as shown that Homebrew (not many people chimed in about Mac Ports) seems relatively trust worthy and safe/secure. Doing so for a small, select few bits of software wouldn't be worth a meaningful lapse in security to me.Ĭan anyone weigh in on how secure/insecure using these options are?įinal thought, I am aware that any system is only as secure as the person using it and how well (or poorly) it is configured. I am very security conscious and am worried using something like the above mentioned package managers/repos could expose my system (vs only using the App Store/direct installing software I trust). While most of my software/app needs are met just fine there are occassions when I start looking for software and it leads me to needing to use something like Home-brew or Mac Ports. I am new to Macs (2021 16" MacBook Pro), coming from using Linux (mostly Fedora) for my daily computing. You should have received a copy of the GNU General Public License along with this program. See the GNU General Public License for more details. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. The source for the Cakebrew website is also present on GitHub! Visit the repository. If you wish to contribute by translating Cakebrew to your language, please open a new issue in GitHub. Although most of the original code has already been modified, his project was the kickstart for what would become Cakebrew, and his commits are still in the working tree.Īlternatively, it can be installed via homebrew cask, with brew install cakebrew -cask.įrom version 1.1, Cakebrew supports localizations!Īs of now, the following languages are supported:
0 Comments
Leave a Reply. |