I noticed Debian does this by default and Arch wiki recommends is citing improved security and upstream.

I don’t get why that’s more secure. Is this assuming torrents might be infected and aims to limit what a virus may access to the dedicated user’s home directory (/var/lib/transmission-daemon on Debian)?

  • nanook@friendica.eskimo.com
    link
    fedilink
    arrow-up
    1
    ·
    edit-2
    2 months ago

    @CasualTee @Quail4789 With torrent you are specifying the filename when you start the torrent, or at least I am. Thus any data can only go into that file. Usually when you use torrents the way I do, primarily for downloading distros, occasionally source code, an md5sum is provided. Thus before you use the downloaded data you do an md5sum on it and check it against the value it is provided. If it’s not the same you remove the file and start over, if it is you know you didn’t get any additional data.