Custom web browser protocol to install from apt-get

Bart Vullings (Windkracht8) bartv at windkracht8.com
Fri Mar 24 17:40:10 GMT 2006 

Yes, off course, but still, putting something on a website to install on 
your computer is dangerous for inexperienced users. I don't want users 
to give the sudo password when there on a website! ever! This might make 
them think that this is ok in other situations as well.
So a better solution IMHO is to tell the user to install the program via 
synaptic accompanied with a link to the synaptic-how-to-wiki.
This also educates the user on how to "properly" install software on 
there system.
And as for the 3rd-party software, IMHO the best way is to tell the user 
to download a .deb and then tell them to install it with 'gdebi'.

This way the users knows it is installing something on his/her computer 
and that this is something you should'nt do unless you want/need this 
piece of software.

Regards,
Bart Vullings.

Jason Taylor wrote:

>Well you would still need the sudo password, and the idea is to limit
>to existing repos in the sources.list.
>
>Kiwi
>
>On 3/22/06, Bart Vullings (Windkracht8) <bartv at windkracht8.com> wrote:
>  
>
>>I'm agreeing with Jamie here, I know to many people just clicking "ok".
>>When you add this, you take away the nice thing about Linux, which is
>>users not installing malware.
>>
>>So, killer idea, but the people who got problems with synaptic should,
>>most proberly, not be allowed to install software. Those who should be
>>allowed to install software, should not trust a website to do this.
>>
>>Cheers,
>>Bart Vullings.
>>
>>Tristan Wibberley wrote:
>>
>>    
>>
>>>Crossposted to sounder again, please reply there.
>>>
>>>Jamie Jones wrote:
>>>
>>>      
>>>
>>>>On Mon, 2006-03-20 at 09:59 +0000, Who wrote:
>>>>
>>>>        
>>>>
>>>>>On 3/19/06, Jason Taylor <killerkiwi2005 at gmail.com> wrote:
>>>>>          
>>>>>
>>>>>>As a bonus maybe also apt-get-add-repo://
>>>>>>
>>>>>>Another use, the applications web site could actully give a link for
>>>>>>installing the application instead of a "avalible in dapper repo"
>>>>>>
>>>>>>Anybody else think this would be usefull, users would never have to
>>>>>>drop to command line you could have links on the howto page
>>>>>>instead.....
>>>>>>            
>>>>>>
>>>>>I think this would make a _world_ of difference to many Windows users
>>>>>who are _used_ to downloading programs from internet sites, and who
>>>>>don't really get the whole repository idea!
>>>>>          
>>>>>
>>>>I don't think it is such a good idea myself. This has a fantastic
>>>>potential for installing rootkits and other malware on an ubuntu system.
>>>>It takes all of 10 seconds to make a .deb that will erase your entire
>>>>system as soon as it is installed. It also opens up the real possibility
>>>>of linux based viruses to have an environment to thrive in, because when
>>>>installing these applications, it is installed with root privileges.
>>>>        
>>>>
>>>I think adding repositories could be a dangerous thing, but when faced
>>>with a deb, some users would just install it. A link that only
>>>installs from the preconfigured repositories would be a sure winner
>>>though, what would you say to that (I've made it work - even with
>>>data: urls from xchat after some hacking about).
>>>
>>>It still needs lots of work and a GUI, so this should go to sounder.
>>>
>>>      
>>>
>>--
>>ubuntu-devel mailing list
>>ubuntu-devel at lists.ubuntu.com
>>https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
>>
>>    
>>
>
>.
>
>  
>

More information about the ubuntu-devel mailing list