On Fri, Feb 28, 2003 at 06:08:23PM +0100, Fabio Massimo Di Nitto wrote: > BTW never forget that external archive can be as dangerous as usefull. > Warn ALWAYS the user that is not an official repository and don't use it > only for your own "glory".. help the official maintainer with what it will > come out of its usage. Glory is an interesting choice of word. I've packaged several small applications because I wanted to be able to install them upon my Debian boxen. By making them packages I can do this in a simple consistent and auditable manner. Each package usually contains a single script and manpage, not something I'd suggest uploading to Debian proper, especially as in recent times the phrase "archive bloat" gets bandied around an awful lot. By sharing those packages I'm helping other users who'd want them, whilst reducing the load upon the main Debian package repository and it's mirrors. Surely this is a win win situation for everybody? Any glory is really going to upstream (OK me in my case) for writing the code which others want, not to the packager, or maintainer of the debs. I guess the only tricky part is knowing when a package is sufficiently popular that it should go into Debian for real. I've not reached that point with any of my little .debs, but I can imagine others have. As an aside I wonder how well SE-Linux, or the other improved security patches handle installation issues? I know that by installing a random package you're effectively giving the package maintainer root upon your box. I'd imagine that a package installation process needs to have full write access to your machine to do it's job, so most of the policies that would prevent random hacks would be disabled. If anybody could explain this to me I'd be very greatful. Steve --- # Some random debs. www.steve.org.uk/apt/
Attachment:
pgpv7KNynyybG.pgp
Description: PGP signature