Re: Apturl (security) issues and inclusion in Gutsy

2007-09-25 Thread Vincenzo Ciancia
On 25/09/2007 Milan wrote: > And then, before adding a repository, it should print : - > the number of packages the repository provides and - the list of > installed or main packages that may be replaced automatically. Using for > example two dialogs, you would need to click twice on 'Next' to inst

Re: Apturl (security) issues and inclusion in Gutsy

2007-09-25 Thread Milan
Vincenzo Ciancia wrote: > Adding a way for people to provide user-friendly apt sources without > having to upload screenshots on how to add sources in > "system/administration/sources" (whatever it is called in English) does > not change the overall security model of Ubuntu and apt, which is, if

Re: Apturl (security) issues and inclusion in Gutsy

2007-09-25 Thread Vincenzo Ciancia
On 25/09/2007 Wouter Stomp wrote: > > > How is this different from providing links to .deb packages? Users > > > unaware about architectures et al are not really capable to > > > understand comments next to the link either. If they are, you can do > > > the same for apturl links. > > > > > The use

Re: Apturl (security) issues and inclusion in Gutsy

2007-09-25 Thread Wouter Stomp
On 9/18/07, Alexander Sack <[EMAIL PROTECTED]> wrote: > On Mon, Sep 17, 2007 at 10:33:15PM +0200, Wouter Stomp wrote: > > 1. It's possible to run arbitrary scripts in the preinst/postrm phase > > of dpkg installation or the installed program itself could be > > malicious. By allowing the repository

Re: Apturl (security) issues and inclusion in Gutsy

2007-09-18 Thread Matthew Garrett
On Tue, Sep 18, 2007 at 12:25:00PM +0200, Alexander Sack wrote: > > 2. Repositories added through apturl could provide packages included > > in Ubuntu but with higher version numbers with malicious code. > > ... this is a feature, not an issue. I'm really not convinced by that. We shouldn't be m

Re: Apturl (security) issues and inclusion in Gutsy

2007-09-18 Thread Alexander Sack
On Mon, Sep 17, 2007 at 10:33:15PM +0200, Wouter Stomp wrote: > 1. It's possible to run arbitrary scripts in the preinst/postrm phase > of dpkg installation or the installed program itself could be > malicious. By allowing the repository to be specified the deb can come > from anywhere. So, you've

Apturl (security) issues and inclusion in Gutsy

2007-09-17 Thread Wouter Stomp
Hello, I would like to discuss the recent inclusion of apturl in the Gutsy default installation. The idea of apturl is great but the current implementation has a lot of issues, some of which I will list here: 1. It's possible to run arbitrary scripts in the preinst/postrm phase of dpkg installati