On 21/05/2016 8:03 AM, Hakan Peker wrote: > You looking for a technical solution to a social problem. sources.list > exist for the very purpose that repositories can be added to the system. > A system where this facility don't exist or restricted is a form of > walled garden. > > Adding an update repository for the very same package the user has > deliberately installed is a *convenience*. It is disrespectful of admin > modification only if the program keeps reverting the admin modification > and doesn't provide an option to disable this behavior. At that point > you would be better contacting upstream that you are not comfortable > with the behavior and you want such an option to disable the repository.
The fact that a deb can run arbitrary code, then it MUST be trusted and there are limits to how much trust I can give to outside third parties; it is too great a risk as far as I am concerned. Cheers A.
signature.asc
Description: OpenPGP digital signature
