Frantisek Dufka wrote:
Aniello Del Sorbo wrote:
Yes, and the Application Manager (by looking at the packages flags
somehow) could tell if this is a system app (and thus ask the User to
enter somekind of passphrase) or a user app (thus installing it with
no hassle). Asking the User for a kind of passphrase will give
Application Manager root privileges and thus dpkg could be ran as root
and those apps would install as usual and do their (good) job.
And how is this different from the current warning about non Nokia
application? I simply fail to see any additional security.
Because people don't usually read warnings and tap OK too fast.
Entering a passphrase makes them think.
If a package is not labeled as a system one, it can be installed without
even the warning (as it would be installed as 'user').
Again, I am not saying that with that system you are safe.
There's no way to be safe.
I am only saying that that system makes it a bit harder to brick the
device, but my whole point at the beginning was to only tell people that
dpkg does not require root privileges.
The discussion went on and I throwed away this idea that, a part from
giving a slight (let's call it) safer installation system, COULD give
the chanche of installing apps on the memory card (and this is totally
unrelated with the security issue).
At almost NO additional cost.
So you basically want another similar dialog telling you this package
(dropbear) can really mess your system?
No.
--
anidel
PS: I think we can stop the discussion here :)
_______________________________________________
maemo-users mailing list
maemo-users@maemo.org
https://maemo.org/mailman/listinfo/maemo-users
