Except when you install something on linux package manager of your distro is executed as opposed to installer that was made by developer of package you are installing. And you probably install install packages from your distro’s repos, unless you are on Debian of course.
Or you can run package manager as user that usually installs in ~/.local. Or unpack yourself.
Package managers have post install scripts and hooks that would allow you to install a rootkit. Then again they can also just add services on many Linux systems, which can run as root. Just put a systemd unit file in the right place and enable it.
The security advantage of Linux is having trusted repos and using things like FlatPak. System packages being malicious would very much be able to infect a system. Just look at the XZ backdoor for an example.
Except when you install something on linux package manager of your distro is executed as opposed to installer that was made by developer of package you are installing. And you probably install install packages from your distro’s repos, unless you are on Debian of course.
Or you can run package manager as user that usually installs in ~/.local. Or unpack yourself.
Package managers have post install scripts and hooks that would allow you to install a rootkit. Then again they can also just add services on many Linux systems, which can run as root. Just put a systemd unit file in the right place and enable it.
The security advantage of Linux is having trusted repos and using things like FlatPak. System packages being malicious would very much be able to infect a system. Just look at the XZ backdoor for an example.