Re: Trustworthiness of unaccounted Debian packages

To: Debian User <debian-user@lists.debian.org>
Subject: Re: Trustworthiness of unaccounted Debian packages
From: Paul Johnson <baloo@ursine.ca>
Date: Wed, 17 Dec 2003 19:46:22 -0800
Message-id: <[🔎] 20031218034622.GD20498@ursine.ca>
Mail-followup-to: Debian User <debian-user@lists.debian.org>
In-reply-to: <[🔎] 20031216134359.GC16957@tik.ee.ethz.ch>
References: <[🔎] 20031216134359.GC16957@tik.ee.ethz.ch>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, Dec 16, 2003 at 02:43:59PM +0100, Lukas Ruf wrote:
> what is the trustworthiness generally expected from packages that are
> not in the main-line of the Debian distribution?

Do you know and trust the person who created and is distributing the
packages?  No?  Then none whatsoever.  Yes?  Then as much as you trust
that person.

> For example, packages that I find on <people.debian.org> and packages
> found elsewhere?

Go with the one on p.d.o.

- -- 
 .''`.     Paul Johnson <baloo@ursine.ca>
: :'  :    
`. `'`     proud Debian admin and user
  `-  Debian - when you have better things to do than fix a system
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQE/4SMOUzgNqloQMwcRAjFRAKChZzP107l9AvTt3unGeDpiaEE5fwCgwUWU
IhtL1OSKw66lIrKdH5q5ZOA=
=qEOH
-----END PGP SIGNATURE-----

Reply to:

References:
- Trustworthiness of unaccounted Debian packages
  - From: Lukas Ruf <ruf@rawip.org>

Prev by Date: Re: right kernal for AMD
Next by Date: Re: XP-LINUX Dual Boot
Previous by thread: Re: Trustworthiness of unaccounted Debian packages
Next by thread: Nautilus won't die
Index(es):
- Date
- Thread