MagicPoulp wrote:Installing a .deb from Google does not give sudo access to google on my computer.
No, but adding the repo lets them put whatever they want on your box.
Only the installation uses sudo not the execution of the program.
There is nothing (technical) stopping them including a data mining service that starts at boot and runs as root.
And the package manager is very smart.
It only copies files to the /usr/bin and put config files and libraries in other folders. It cannot do more than copy files.
Really?
... and the pre & post-inst script mechanisms?
dpkg only allowed to create a source file which refers to the package name.
sudo less /etc/apt/sources.list.d/google-chrome.list
That can be called anything and contain anything.
If really you don't want to run sudo, you can use a chroot, that is a fake root folder.
Which has nothing to do with the subject.
Besides, AppArmor will be by default in Buster. So applications will be even more protected.
Snake Oil salesmen are alive and doing well.