Re: zero install - serious critiques?
On Fri, 13 Jan 2006 15:51:20 +0100, Joris Huizer
<jorishuizer@planet.nl> wrote:
>you may see this as some problem:
>
>"Isn't running stuff off the net a security risk?
>Isn't that where you get your software from anyway? Zero Install
>automatically performs a number of checks for you (such as checking MD5
>sums and GPG signatures), and since it doesn't run any of the remote
>code as root, you can try software out safely as a 'guest' user. Once
>downloaded, the programs are run from the cache, without even checking
>the original sites for updates (you have to tell it to update manually)."
>
>That means: no security updates or whatever I guess
right. this problem is part and parcel of all gnu/linux "bundled
application" solutions that are available atm iirc. no? a trade-off
of less security for greater ease of use by the enduser.
the upside seems to be that the end-user is less likely to fubar the
whole os if they zero install some malware since the zero install
system says it confines all activity to user space. am i
understanding this correctly?
peace,
david
Reply to: