Hello Simon, On Fri, Dec 02, 2016 at 11:50:11AM +0100, zimoun wrote: > One of the main advantage of `package.el` combined to `use-package` is > that it works without any administrator privileges. Therefore, I can > use some exotic add-ons on my lab computer without querying the always > busy sysadmin. (that's why I am also using `conda` or `cRan` and I am > testing Guix, whatever!). Yes, but when package.el downloads packages from the Internet it does so in an insecure manner: https://glyph.twistedmatrix.com/2015/11/editor-malware.html https://github.com/melpa/melpa/issues/2342 This is what we are trying to avoid. package.el is just not very safe yet. > I did not find too much information, so my question is: the idea > behind such tools and the aim of `elpa-*` packages is to add Debian > infrastructure to (M)ELPA, keeping the flexibility of `package.el` ? > I mean, is it possible to install `elpa-*` package without > administrator privilege ? e.g., with the option `:ensure t` of > `use-package` ? Or before I need to install system-wide the `elpa-*` > package by APT tools ? No, installing elpa-* packages requires administrator privileges. -- Sean Whitton
Attachment:
signature.asc
Description: PGP signature