Le samedi 18 février 2012 à 06:09 +0200, Christoph Anton Mitterer a écrit : > Personally I decided to use GNOME-fallback, but via the meta-packages I > still got the GNOME shell... today > I've noticed that it silently installs an extension, which (I can only > assume this by the little > description) does some software installation/enabling for GNOME shell > from extensions.gnome.org. > To me this sounds more like a root-kit than a feature. No GNOME shell extension is ever downloaded without your consent. The browser plugin is only here to make this possible. Plugin integrity is guaranteed by SSL, and extensions have been checked before being put on the website. Anyway this doesn’t work very well so we’d be better with just putting those extensions in another Debian package, but I see this more as a functional problem than a security one. -- .''`. Josselin Mouette : :' : `. `' `-
Attachment:
signature.asc
Description: This is a digitally signed message part