I am considering installing custom DEB packages in my Whonix template VM. I would like to know the risk assessment of doing so. I want to do this so that I can use the same software in multiple AppVMs based on the Whonix Workstation template.
My reasoning is that the software is not natively available in the Whonix template, and I don’t want to trust third parties. Therefore, I am considering downloading developer-signed DEB packages directly and installing them manually (after proper verification). What are your thoughts on this? Besides having to trust the additional software, is installing a custom .deb package a risk to the template VM? Could anything break by doing that?
How would you handle a situation in which the software is not available directly?
Would you say that trusting the Debian repositories is okay, given that this is an inherent assumption of Whonix?