[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: dpkg | dselect | apt : debian-qa fields planned?



On Sun, Jan 16, 2000 at 05:42:53PM +1100, Hamish Moffatt wrote:
> On Sat, Jan 15, 2000 at 12:06:25PM +0100, Thierry Laronde wrote:
> > Is there any plan to add some debian-qa fields to handle the packages removed
> > or withdrawned, so that the user know why he can't find anymore some package |
> > can't upgrade | is strongly suggested to remove it for security reasons.
> 
> I don't think anybody has been working on this or talked about it.
> These packages show up as 'obselete' in dselect and usually it is
> safe to keep them installed unless they cause conflicts. [..]
> 
> But as you point out, it doesn't let us tell the user that they should
> remove the package for security reasons. It might be possible to do this
> without modifying all the tools; perhaps a special package (of priority
> required or standard or similar) could conflict with any packages which
> should be removed?

Well, this is an interesting solution which, as you say, could be implemented
without disruption. Perhaps can it be combined with my proposal of an extra-file
( Stake.gz), that would not be cached, and that would allow a kind of
automatic security alert when one uses dselect or apt-get in a remote mode.
Packages.gz would be an unmodified file since the release, and the modifications
would be handle by this supplementary file.

Cheers,
-- 
Thierry LARONDE
thierry.laronde@polynum.com
website : http://www.polynum.com


Reply to: