[Bug 1213353] Re: Software Updater requires installation of untrusted packages
markling
1213353 at bugs.launchpad.net
Sat Aug 17 11:39:30 UTC 2013
** Attachment added: "Software Updater Untrusted.png"
https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/1213353/+attachment/3775709/+files/Software%20Updater%20Untrusted.png
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to update-manager in Ubuntu.
https://bugs.launchpad.net/bugs/1213353
Title:
Software Updater requires installation of untrusted packages
Status in “update-manager” package in Ubuntu:
New
Bug description:
Software updater tells me it requires installation of untrusted
packages. It says, "This requires installing packages from untrusted
sources."
But it does not tell me what packages are untrusted. It does not tell
me what untrusted sources it is required to retrieve packages from.
And it does not tell me why these packages and sources are untrusted.
It neither offers any way of learning this information.
It also denies me any choice in the matter. The warning dialogue has
two actions. One is <settings>, which is clearly useful for anyone who
already knows the answers to the unanswered questions raised above.
The other is <OK>, an invitation to go ahead and install the anonymous
untrusted packages from the anonymous untrusted sources. There is no
option to decline the installation of these packages.
Being a user of but little knowledge, it just so happens that the
little knowledge I have tells me not to install anonymous untrusted
packages from untrusted sources. It's the sort of thing parents tell
their children nowadays after saying they shouldn't talk to strangers.
So I do the only thing I can, short of spending a week of nights and
weeks more nights to learn what it is all about. (If only I had so
much time). I close <X> the window and hope it goes away. But it has
come back again. I think it might keep coming back. What if it's an
important piece of software? What if my operating system fails because
I won't let it install anonymous untrusted packages from untrusted
sources? And what oh! of the tragic irony if I end up getting
malicious anonymous untrusted packages from untrusted sources getting
in through a breach in my security left by my refusal to install
anonymous untrusted packages from untrusted sources?
ProblemType: Bug
DistroRelease: Ubuntu 13.04
Package: update-manager 1:0.186.1
ProcVersionSignature: Ubuntu 3.8.0-27.40-generic 3.8.13.4
Uname: Linux 3.8.0-27-generic x86_64
ApportVersion: 2.9.2-0ubuntu8.3
Architecture: amd64
Date: Sat Aug 17 12:18:55 2013
GsettingsChanges:
b'com.ubuntu.update-manager' b'first-run' b'false'
b'com.ubuntu.update-manager' b'launch-time' b'1376737045'
b'com.ubuntu.update-manager' b'show-details' b'true'
b'com.ubuntu.update-manager' b'window-height' b'468'
b'com.ubuntu.update-manager' b'window-width' b'680'
InstallationDate: Installed on 2012-11-28 (261 days ago)
InstallationMedia: Xubuntu 12.10 "Quantal Quetzal" - Release amd64 (20121017.1)
MarkForUpload: True
PackageArchitecture: all
SourcePackage: update-manager
UpgradeStatus: Upgraded to raring on 2013-05-14 (94 days ago)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/1213353/+subscriptions
More information about the foundations-bugs
mailing list