On Thu, Dec 01, 2022 at 05:16:56PM +0800, Paul Wise wrote:
> On Sat, 2022-11-26 at 19:42 +0100, Patrice Duroux wrote:
> > Any (or a specific group of) users could be able to install any
> > package of the first class by their own without asking a sysadmin (or
> > explicitly acquiring privilege of) user.
> The general idea of a safe way to allow users to manage system-wide
> apt packages has come up before, here is another writeup about it:
> https://wiki.debian.org/UntrustedDebs
> The goal of allowing all users to manage installed software seems like
> something better served by app sandboxing technologies like Flatpak.
> It is probably possible to convert .deb packages to Flatpak packages.

Alternatively: trust your users. Give them all sudo. Have safeguards
in place for when things get messed up.

I think the flatpack frenzy is for when you want to install from less
trusted soures and live in the illusion that things will be OK.

There's an xkcd for that, but I can't find it now :-)


Attachment: signature.asc
Description: PGP signature

Reply via email to