Re: discuss debian 's attitude to ppa

To: debian-user@lists.debian.org
Subject: Re: discuss debian 's attitude to ppa
From: mudongliang <mudongliangabcd@hotmail.com>
Date: Sat, 23 May 2015 16:28:19 +0800
Message-id: <[🔎] BLU436-SMTP226FFC9680D09CCF2EB18F4BCCF0@phx.gbl>
In-reply-to: <[🔎] 20150523092855.36d02c7c@monster>
References: <[🔎] BLU436-SMTP118A0427F8D8E427D3C4CEEBCCF0@phx.gbl> <[🔎] 55602015.3030809@eumx.net> <[🔎] BLU436-SMTP1673C3DC5C236CF3F042690BCCF0@phx.gbl> <[🔎] 20150523092855.36d02c7c@monster>



On 05/23/2015 03:28 PM, Petter Adsen wrote:

On Sat, 23 May 2015 15:13:33 +0800
mudongliang <mudongliangabcd@hotmail.com> wrote:

On 05/23/2015 02:37 PM, Dalios wrote:

That said you can try to install the .deb package with other ways
(for example using gdebi) but the main drawback (apart from any
inconsistencies already mentioned) is that the package won't be
updated with the rest of the system because apt/synaptic will not
be able to do this.

At last , I want to talk about the future of ppa in Debian! Even the
leader has said the weakness of ppa! Maybe Debian will not use ppa!
Maybe LMDE is just a hint! Isn't it!?
mudongliang

The major problem with using a ppa is that the software has not been
vetted by the Debian project. It could contain malware or other
security problems, and the maintainer of the ppa can suddenly decide to
drop support of it, leaving you with a package that does not receive
updates.

You need to consider whether you trust the person running the ppa to
not introduce weaknesses to your system. With the Debian repositories,
there is a system in place to handle all of this. Adding a foreign
repository _can_ make you vulnerable. You just don't know.

I think Debian is a distribution which focuses security and stablity. Somaybe it should help these interesting ,useful,meaning project importinto Debian project!

Things out of control may be a bomb I think!

Sometimes, you should not rely on the users to classify the problem ofapplication in ppa! The users may only know its function ,but not itsdetails ,or dependency!

Maybe it has many vulnerablities for attacker to hack! Maybe it is a virus!


There is also the matter of dependencies, if the repository you are
using is not intended for your exact distribution.

It's not a matter of not supporting ppas, it's a matter of not
recommending them. You can always add the repository to sources.list
and add the key manually.

I have to confess what you said! The user who write list file forhis/her system may know much about this software or be an experienceduser of Debian!

mudongliang

Reply to:

Follow-Ups:
- Re: discuss debian 's attitude to ppa
  - From: Petter Adsen <petter@synth.no>

References:
- discuss debian 's attitude to ppa
  - From: mudongliang <mudongliangabcd@hotmail.com>
- Re: discuss debian 's attitude to ppa
  - From: Dalios <dalios@eumx.net>
- Re: discuss debian 's attitude to ppa
  - From: mudongliang <mudongliangabcd@hotmail.com>
- Re: discuss debian 's attitude to ppa
  - From: Petter Adsen <petter@synth.no>

Prev by Date: Re: discuss debian 's attitude to ppa
Next by Date: Re: discuss debian 's attitude to ppa
Previous by thread: Re: discuss debian 's attitude to ppa
Next by thread: Re: discuss debian 's attitude to ppa
Index(es):
- Date
- Thread