On 2020-07-28 06:47+0200 Ramon Fischer <ramon_fisc...@hotmail.de> wrote:
> […]
> The thing I am concerned about, is, that I am pulling something from
> an external source, which I am installing on my system and giving it
> root privileges[4].
>
> The only best practise I can think of, is, to fork the external
> repository, linking the ebuild to my fork and updating it on demand,
> so I have full control over it.
>
> Would this be the way to do it?

You can mask all packages from a repository in
/etc/portage/package.mask/ with

    */*::repo-name

and unmask the packages you want in /etc/portage/package.unmask/ with

    x11-misc/drm_master_util::repo-name

or just the version you want with

    =x11-misc/drm_master_util-9999::repo-name

The maintainer of the repo could still replace the ebuild with a malware installer.
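
An added example, not part of the original message: a small audit of the mask/unmask allow-list described above. It reports, per repository, which atoms are let through and flags repositories that have unmask entries but no `*/*::repo` mask, in which case nothing in these files restricts that repository. The file contents, the repository name `other-repo`, the atom `app-misc/example` and the function names are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample contents of files under /etc/portage/package.mask/
# and /etc/portage/package.unmask/; "other-repo" is a made-up repository.
SAMPLE_MASK = """\
# mask everything from the overlay
*/*::repo-name
"""
SAMPLE_UNMASK = """\
=x11-misc/drm_master_util-9999::repo-name
app-misc/example::other-repo
"""


def atoms(text):
    """Yield (atom, repo) for every entry that carries a ::repo suffix."""
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()  # drop comments and blank lines
        if "::" in line:
            atom, repo = line.rsplit("::", 1)
            yield atom, repo


def audit(mask_text, unmask_text):
    """Return {repo: {"blanket_mask": bool, "allowed": [atoms]}}."""
    report = defaultdict(lambda: {"blanket_mask": False, "allowed": []})
    for atom, repo in atoms(mask_text):
        if atom == "*/*":
            report[repo]["blanket_mask"] = True
    for atom, repo in atoms(unmask_text):
        report[repo]["allowed"].append(atom)
    return dict(report)


def unrestricted(report):
    """Repos with unmask entries but no */*::repo mask behind them."""
    return sorted(repo for repo, info in report.items()
                  if info["allowed"] and not info["blanket_mask"])


if __name__ == "__main__":
    result = audit(SAMPLE_MASK, SAMPLE_UNMASK)
    for repo, info in sorted(result.items()):
        print(repo, info)
    print("no blanket mask:", unrestricted(result))
```

The audit only covers which packages the files let through; it says nothing about the content of an allowed ebuild, which the repository maintainer can still change.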