How to inspect and validate a deb package before installation?

package-management dpkg

Use this:

dpkg-deb --info <deb file>

Prefer to use apt if you need them to be signed.


Normal deb files do not contain all data you need, except that you can get by dpkg-deb --info or look into DEBIAN/control file.

You can have dsc files with this data, if you download from launchpad or official repositories.

Deb files are not signed by default. General recommendation is not to install deb packages from sites you do not trust.

There are no special security instruments in Debian packages.

Related

UEFI or Legacy? Which is advised and why?
How to Exit sqlite3 in terminal
How to 'rm' or 'mv' a range of files such as file01.txt, file02.txt...file85.txt
How to install scipy and numpy on Ubuntu 16.04?
Why is the Ubuntu One server side application proprietary?
Is there a lightweight way to snap windows in Lubuntu?
How to shred a folder?
Open multiple firefox tabs from command line
How to turn off the display via the command line?
Why does exclamation mark within double quotes cause a Bash error?
What does "--" mean in terminal commands?
How do I rename an mdadm raid array?