https://bugzilla.rpmfusion.org/show_bug.cgi?id=6505
--- Comment #12 from Petr Menšík <pemen...@fedoraproject.org> ---
(In reply to leigh scott from comment #11)
> Dropbox doesn't provide dropbox binary download for other arches.
Oh, if the dropbox subpackage is in fact just installer and wrapper around
downloaded binary from dropbox, then I think it should be obvious at least from
the package description. It is just installer and launcher for unpackaged
service.
It seemed to me so far only icons have any license limitation. If it requires
binary-only executable to be fetched and installed locally without having its
own package, it should be obvious from the package description. In current
state it is not in my opinion. It is even misleading when only GPL is mentioned
in the license.
I expected the client part is in fact open source, which clearly is not
correct. Does it obfuscate the installation process intentionally?
I think third-party binary able to update itself on its own accord is
potentially dangerous. I think it must be obvious what it does from the package
description. I would feel safer if it ran inside some kind of container and had
access only to folders I explicitly offered to it. If it would share all my
passwords or tokens stored in my home, I would never know. It is not possible
to check at packaging time, because we do not have even binary blob to
analyse.
It does not even provide any way to uninstall the downloaded daemon after the
first run. I think full uninstall instructions should be mentioned in some doc.
It is definitely not mentioned in README.md, that it installs local executable
somewhere into $HOME.
--
You are receiving this mail because:
You are on the CC list for the bug.
_______________________________________________
rpmfusion-developers mailing list -- rpmfusion-developers@lists.rpmfusion.org
To unsubscribe send an email to rpmfusion-developers-le...@lists.rpmfusion.org
