Re: dpkg feature implementation
On Wed, Jan 6, 2010 at 6:31 AM, Steve Langasek <vorlon@debian.org> wrote:
> On Tue, Jan 05, 2010 at 06:59:40PM +0530, dE . wrote:
>> Problem is you have to make these DVD/CD, or in general storage media.
>> Windows people are not willing to do that...they just want click and
>> install.
>
> You want people to be able to install packages without a network, and
> without using DVDs/CDs.
>
> What, pray, are you intending them to click on if it's neither media nor a
> network resource?
>
What about a single package which was brought on a pendrive and made
to install on just clicking it?...gdebi style.
I've repeated this many times now.
>> People get confused and scared when they see so many packages which
>> are suppose to be 'installed' in someway.
>
> I have no idea who these people are, but your proposed solution is not an
> appropriate response to irrational fears.
>
> On Tue, Jan 05, 2010 at 04:31:41PM +0530, dE . wrote:
>
>> I myself use Gentoo;
>
> So you don't actually use the tools you're suggesting to modify, and don't
> understand how they work in the first place?
>
That's cause I'm administering debian based OSs which are installed on
various desktops and I'm maintaining it although not using it.
>> > Sorry, running stuff to install things is the hardest part. Because it
>> > requires very hard checks that it will only install stuff and not do
>> > evil things or allow installing stuff as user (and then having all the
>> > hassle to move things manually to their final place).
>
>> That is a disadvantage, but following the advantages, the security
>> part is acceptable.
>
> It sounds like you are saying that it's acceptable to compromise security in
> order to make it easier for end users to install software.
>
> Over my dead body.
>
These people who have problems with the current packaging system are
common people representing 90% of computer users who do not use
Windows...Linux is used in a community of "technical people"
(according to these common people). If Linux has to have a
considerable share in the desktop market these things has to be
sacrificed...if you do not want this to happen and make your own world
of nerds...then this idea is actually trash.
There is always a security problem when it comes to installing
something which's not directly downloaded form a trustable
server...whether it be source codes or deb package of a software
which's not in the repository or even if someone gave it to claiming
it's form the repos...you never know.
The sdebp poses the same security issues as with deb packages...after
all it's just many deb packages made into a single archive...there's
hardly any difference. As a result I'm with Martin...it need to be a
third party application or a new component of apt, not a dpkg
modification.
> --
> Steve Langasek Give me a lever long enough and a Free OS
> Debian Developer to set it on, and I can move the world.
> Ubuntu Developer http://www.debian.org/
> slangasek@ubuntu.com vorlon@debian.org
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.10 (GNU/Linux)
>
> iQIVAwUBS0Pgz1aNMPMhshM9AQjX8g/+PNw2JVHHyOvx8Yn/AAN2uOIBU+nrQ/P7
> 7BXovupbixMdraTp0eTdsm/MDG01TG9ovzoR4AV9Hp4EZSZ6vzXCDZKyDJ/wC69B
> VUCdCAOM1+1raws2olyQjW4+raBdDmCTcyqicgPW0GUyICFbHlz7qq0hXhlEVulz
> 2QBI1ciIb++GLvVuVTTsRWeMIFIYpdAib/TmoAZ7RWjcj4BaIQBMHDtADSls8kMA
> LeUH+hVRypHOcPaOy+iaoVQcE4CcMYtBv4uQLxHFmq8vBW+i7xRAf8glmFNS1bra
> yr1v8mGap+RbvSyChDQOWh16EIdVHnK/8BcaYmGKcvkulz8cN2fKf+MAlrYEqZq2
> o8w3M+NqHLeeOdzO2qrTayawuJKuLbFayYdMHl8wRDkPGGchcAlJIVkmx/tsOr9n
> sfkal6TZt1F2C2Pvj0xllHodwyr6ZIXk1fvL4AGF+488rrHoupJzzyhcPfMJshM8
> hIwCgIHnzuuKDOAv+jVOsMZMTSLgR+xv2OQ3SRrJkIiuQ0bxUbcfT5C3xpUxTmLK
> agNLrmi0fnbnUb6QGuTWDurT5lr4gixm/KPa5wgRen79HfXHfhwHxTqRuck4e5It
> JRkeW40IHHUQpP9/Uy5crYjums2TV8IvRQfwnhaUyW+SBf3eWTMFvTHUhE9717KA
> B2YXU4zVuAk=
> =CMj8
> -----END PGP SIGNATURE-----
>
>
Reply to: