Am Dienstag, den 07.08.2007, 01:04 +0200 schrieb Krzysztof Lichota: > Chris Wagner napisaĆ(a): > > Every time someone comes up with a new, more-intuitive way to install > > software on Linux, there seems to be more negative comments about it > > than positive. I recall similar comments when Gdebi was proposed, but > > it seems to have gone over okay. > > > > I only see one major flaw in Krzysztof's model: security. (Am I wrong? > > Are there other serious problems?) Unfortunately, that's arguably the > > most important issue. Rather than shrug off this solution, though, why > > not come up with a mechanism for making it (at least somewhat) secure? > > I completely agree the security is important.
even a signed software can do a lot of harm to your system. installing software from the internet blindly is perhaps the cause for most unstable windows systems. if a package would be signed by the ubuntu developers it should be part of the distribution. if you require to only install signed packages only you would at least make sure that the package creator has got some basic skills. furthermore it could be nice to make use of the gnupg web of trust here. you could calculate a trust level from the number and kind of signatures. what are your plans about an translation infrastructure for the oci files? if you don't find any translators you won't get any translations - the current problem of ddtp. you mentioned tucows and a central wiki page many times. any plans on this? the idea was discussed several times in the past, but it was never implemented in the official ubuntu frame work. perhaps an error, since now we seem to get a lot of separated sites with no central quality assurance. cheers, sebastian -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
