Michael, Your points we well and valid, and I hope you understand that I was not suggesting users do not evaluate applications they install onto their systems or blindly trust 3rd-party software, commercial or FOSS.
I believe though that my point of "being able to trust" FOSS a bit more than commercial software is valid because FOSS is Free, Open Source. You often can never tell what a commercial peice of software will do to your system as it's source code is never available. AUtomation can also be a bad thing as you've pointed out. They make the lives of end-users easier, and this needs to be carefully scoped and controlled. Automating too much can be quite bad, trying to be too clever as equally as bad. At the end of the day, it does come down to the user's responsibility. Now this thread is off-topic :) So we should either stop here or start a new thread! With regards to Pygame and Python in the Web Browser for a gaming platform, I do not believe this will happen anytime soon, nor do I think it's a generally godo idea -- Unless the Web Community and Industry decides that Python is a better language than JavaScript (and it is), and start implementing this as a standard in Web Browsers. However, you will still likely not get pygame games running! :) cheers James On 9/10/08, Michael <[EMAIL PROTECTED]> wrote: > On Wednesday 10 September 2008 04:31:10 James Mills wrote: > > However having said that > > I tend to trust FOSS more than > > commercial software. > > > I once worked with an admin who REALLY should've known better. As in REALLY > should've known better. Did exactly these sorts of steps: > > > > > 1. Install Python > > 2. Install setuptools > > 3. easy_install <your favourite game> > > > > > (Wasn't quite the same, it was a set of install instructions) > > The system rebuilds he was doing for the next week reminded him about: > > > > step 4. "Audit code to be sure it isn't evil". > > > Easy install is a nice idea in theory, but it assumes that everyone is perfect > and isn't going to do something that either accidentally (or maliciously) > trashes your machine. > > For example. CPAN has a mode of usage similar to easy_install/setuptools in > that it'll figure out the dependencies for you and install them. Whilst they > fixed it a *long* time ago now, one of the modules decided to say > (innocently) that it was dependent on the latest version of Perl that most > people weren't then using. The CPAN shell installer happily tried to upgrade > a significant number of people's perl installations. > > This was a bad idea on so many levels, and was an accident, and it's > been fixed now. However, it does demonstrate how stupid it can be to assume > that such things are safe. It just takes one (stupid) file to trash things > after all. (eg "chmod a+rwx /" can be remarkably fatal when run as root, > and if that was created from "chmod a+rwx %s/" % somevar, it's remarkably > easy to miss.) > > > > However having said that > > I tend to trust FOSS more than > > commercial software. > > > The reason for that though is because you'll get people turning round, looking > at something like encouraging (eg non-developer) users to run arbitrary > untrusted code on their systems turn round and say "you do realise that > that's just asking for trouble, don't you?" > > :) > > > > Michael. > -- -- -- "Problems are solved by method"